visme-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill requires connecting to an external MCP server at https://rube.app/mcp. This domain is not listed as a trusted organization or repository, though it is standard for this specific integration.
- PROMPT_INJECTION (LOW): The skill exhibits vulnerability to indirect prompt injection by processing untrusted data from the Visme toolkit.
  - Ingestion points: Data returned from external Visme operations via RUBE_MULTI_EXECUTE_TOOL (SKILL.md).
  - Boundary markers: Absent; the instructions do not include delimiters or warnings to ignore instructions embedded in tool outputs.
  - Capability inventory: RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH provide capabilities to execute tools and scripts (SKILL.md).
  - Sanitization: Absent; no input validation or output escaping is defined in the skill documentation.
- COMMAND_EXECUTION (SAFE): All operations are performed via structured MCP tool calls rather than direct shell command execution.
Audit Metadata