tripadvisor-content-api-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (SAFE): The skill requires connection to an external MCP server hosted at
https://rube.app/mcp. While this is an external dependency not on the pre-approved list, it is essential for the skill's primary function and does not involve downloading executable scripts to the local host. - PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection because it processes content from TripAdvisor (e.g., reviews or listings) which could contain malicious instructions.
- Ingestion points: Data retrieved from TripAdvisor via
RUBE_MULTI_EXECUTE_TOOLor tool schemas fromRUBE_SEARCH_TOOLS. - Boundary markers: Absent. The skill does not define specific delimiters or instructions to ignore embedded commands in the TripAdvisor data.
- Capability inventory: The skill can execute various API-based tools and utilize a remote workbench (
RUBE_REMOTE_WORKBENCH), providing a significant capability surface if malicious instructions are followed. - Sanitization: No sanitization or validation of the external TripAdvisor content is mentioned in the workflow.
Audit Metadata