abstract-automation
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill creates an attack surface for indirect prompt injection by instructing the agent to fetch and act upon data from the external Abstract design platform.\n
- Ingestion points: Untrusted data enters the agent's context through tools like
RUBE_SEARCH_TOOLSand other Abstract-specific operations used to retrieve project data, comments, and schemas as described inSKILL.md.\n - Boundary markers: The instructions do not specify any delimiters or safety warnings to help the agent distinguish between its instructions and the data fetched from the external platform.\n
- Capability inventory: The skill utilizes powerful capabilities including
RUBE_MULTI_EXECUTE_TOOLfor multi-step execution andRUBE_REMOTE_WORKBENCHfor potentially broad operations across files and remote environments.\n - Sanitization: The instructions do not include steps for sanitizing, validating, or escaping data retrieved from the Abstract API before it is used to influence the agent's next actions.
Audit Metadata