zoho-bigin-automation
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill requires a connection to a third-party MCP endpoint at
https://rube.app/mcp. This server provides the toolsets and operational logic for the skill and is not included in the list of trusted external sources. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill fetches tool schemas and 'recommended execution plans' from the remote
RUBE_SEARCH_TOOLSendpoint. - Ingestion points: Tool slugs, schemas, and execution plans returned by the external Rube MCP service.
- Boundary markers: Absent; the agent is directed to use the returned information directly for subsequent calls.
- Capability inventory:
RUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCHprovide execution capabilities on the remote target. - Sanitization: Absent; the skill does not validate the names or structures of tools returned by the remote service.
- [REMOTE_CODE_EXECUTION] (MEDIUM): The toolkit includes
RUBE_REMOTE_WORKBENCH, which suggests an environment for executing complex tasks or scripts remotely within the Composio/Rube infrastructure. - [COMMAND_EXECUTION] (LOW): The skill utilizes
RUBE_MULTI_EXECUTE_TOOLto perform operations discovered at runtime, which constitutes dynamic tool invocation based on remote data.
Audit Metadata