Skills
skills/composiohq/awesome-claude-skills/turso-automation/Gen Agent Trust Hub

turso-automation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires users to add an MCP server from an untrusted domain: https://rube.app/mcp.
  • REMOTE_CODE_EXECUTION (HIGH): The use of RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH allows for the execution of remote logic defined by the untrusted server at runtime.
  • PROMPT_INJECTION (HIGH): The skill is highly susceptible to indirect prompt injection. Ingestion points: RUBE_SEARCH_TOOLS returns dynamic tool schemas and execution plans. Boundary markers: Absent; the instructions tell the agent to follow remote recommendations. Capability inventory: Tool execution, remote workbench, and connection management. Sanitization: Absent; the agent is instructed to use the remote schemas exactly as provided.
  • COMMAND_EXECUTION (MEDIUM): The RUBE_REMOTE_WORKBENCH functionality facilitates executing complex operations in a remote environment controlled by the untrusted provider.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 08:07 AM