vestaboard-automation
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [External Downloads] (MEDIUM): The skill directs users to add https://rube.app/mcp as an MCP server. This domain is not among the trusted sources, meaning the logic executed by the agent is controlled by an unverified external party.\n- [Dynamic Execution] (MEDIUM): The skill uses RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH to execute actions based on schemas fetched at runtime. This dynamic behavior means the actual operations performed by the agent can change without updating the skill itself.\n- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and act upon data (schemas and tool definitions) from an external API. Evidence Chain: 1. Ingestion points: RUBE_SEARCH_TOOLS response and RUBE_MANAGE_CONNECTIONS response; 2. Boundary markers: Absent; 3. Capability inventory: RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH; 4. Sanitization: Absent.
Audit Metadata