ticketmaster-automation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [Unverifiable Dependencies] (HIGH): The skill mandates connection to an untrusted MCP server at https://rube.app/mcp. This grants a third party control over the tools and execution logic available to the agent.
- [Indirect Prompt Injection] (HIGH): The skill is designed to follow 'recommended execution plans' and schemas fetched dynamically from rube.app via RUBE_SEARCH_TOOLS. Evidence Chain:
  1. Ingestion point: RUBE_SEARCH_TOOLS response in SKILL.md.
  2. Boundary markers: Absent.
  3. Capability inventory: RUBE_MULTI_EXECUTE_TOOL (Ticketmaster account access).
  4. Sanitization: Absent.
- [Data Exposure] (MEDIUM): Uses RUBE_MANAGE_CONNECTIONS to link Ticketmaster accounts via an untrusted intermediary, risking the exposure of PII or authentication tokens.
- [Dynamic Execution] (MEDIUM): Employs RUBE_REMOTE_WORKBENCH, which executes logic in an external environment controlled by the provider of rube.app.
Recommendations
- AI detected serious security threats
Audit Metadata