zyte-api-automation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [External Downloads] (LOW): The skill requires connecting to an external MCP server endpoint at https://rube.app/mcp. This domain is not included in the 'Trusted External Sources' list.
  • [Remote Code Execution] (LOW): The skill uses RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH to invoke remote tools and operations. This involves the execution of logic hosted on a remote platform managed by Composio/Rube.
  • [Indirect Prompt Injection] (LOW): The skill exhibits a vulnerability surface for indirect prompt injection.
      ◦ Ingestion points: Data entering the agent context via RUBE_SEARCH_TOOLS (schemas, plans) and RUBE_MULTI_EXECUTE_TOOL (execution results).
      ◦ Boundary markers: Absent. There are no instructions for the agent to treat tool outputs as untrusted data or to ignore embedded instructions in those outputs.
      ◦ Capability inventory: RUBE_MULTI_EXECUTE_TOOL, RUBE_REMOTE_WORKBENCH, and RUBE_MANAGE_CONNECTIONS provide significant functional reach.
      ◦ Sanitization: Absent. The instructions do not specify any validation or sanitization of the data returned by the remote tools before it is processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:39 PM