waiverfile-automation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION)
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill enables an AI agent to process external content from Waiverfile and use it in conjunction with execution tools. This creates a high-severity surface for indirect prompt injection.
  * Ingestion points: Waiverfile records retrieved via tools.
  * Boundary markers: None.
  * Capability inventory: RUBE_MULTI_EXECUTE_TOOL, RUBE_REMOTE_WORKBENCH.
  * Sanitization: None.
- [External Dependencies] (MEDIUM): The setup instructions require configuring an external MCP server at 'https://rube.app/mcp', which is an unverified third-party service not listed in the trusted scope.
Recommendations
- AI detected serious security threats
Audit Metadata