Skills
skills/composiohq/awesome-claude-skills/yandex-automation/Gen Agent Trust Hub

yandex-automation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (HIGH): The skill requires the user to add an untrusted external MCP server: https://rube.app/mcp. This server provides the tool definitions and execution logic.
  • [REMOTE_CODE_EXECUTION] (HIGH): By calling RUBE_SEARCH_TOOLS and then RUBE_MULTI_EXECUTE_TOOL based on the results, the agent effectively executes logic defined by the remote rube.app server. This is a form of remote code/logic execution.
  • [INDIRECT_PROMPT_INJECTION] (HIGH): The skill possesses write/execute capabilities (Yandex automation) while processing external, potentially attacker-controlled content from Yandex. There are no boundary markers or sanitization logic mentioned to prevent data-driven instructions from overriding agent behavior.
  • [DYNAMIC_EXECUTION] (MEDIUM): Tool schemas and execution plans are dynamically retrieved at runtime. While this is a design feature of MCP, doing so from an untrusted source without validation is a security risk.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 07:41 AM