Skills
AGENT LAB: SKILLS
skills/composiohq/awesome-claude-skills/wrike-automation/Gen Agent Trust Hub

wrike-automation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
  • NO_CODE (SAFE): The skill package is composed entirely of markdown documentation. No executable scripts, binaries, or source files are provided.
  • EXTERNAL_DOWNLOADS (LOW): The documentation instructs the user to manually configure the https://rube.app/mcp endpoint. While this is a configuration step rather than an automated execution, the host is not a member of the predefined trusted organizations.
  • PROMPT_INJECTION (LOW): The skill presents an attack surface for Indirect Prompt Injection (Category 8).
  • Ingestion points: Untrusted data is ingested from Wrike task titles, descriptions, and folder metadata (via tools like WRIKE_FETCH_ALL_TASKS).
  • Boundary markers: Absent. The instructions do not specify the use of delimiters or 'ignore' instructions for data retrieved from Wrike.
  • Capability inventory: The skill defines access to highly sensitive and destructive operations, including WRIKE_DELETE_SPACE, WRIKE_DELETE_FOLDER, and WRIKE_CREATE_INVITATION.
  • Sanitization: Absent. No logic is provided to sanitize or validate external content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:08 PM