The Agent Skills Directory

[EXTERNAL_DOWNLOADS] (LOW): The skill requires the configuration of an external MCP server endpoint https://rube.app/mcp. This introduces a dependency on a third-party service provider not listed in the trusted sources.
[PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface (Category 8). The skill dynamically fetches and follows 'recommended execution plans' and schemas from the remote server. Evidence Chain: 1. Ingestion points: Responses from RUBE_SEARCH_TOOLS. 2. Boundary markers: Absent; instructions advise the agent to follow returned schemas and plans directly. 3. Capability inventory: Includes RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH which can perform impactful operations. 4. Sanitization: No sanitization or validation is specified for the data returned by the remote tools before execution.

token-metrics-automation