abuselpdb-automation
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill connects to an external MCP server at https://rube.app/mcp to dynamically fetch tool definitions and execution schemas.
- [COMMAND_EXECUTION]: Instructs the agent to execute tools via RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH, enabling the execution of arbitrary tools within the linked Abuselpdb (AbuseIPDB) toolkit.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from an external security service (AbuseIPDB) without implementing sanitization or boundary markers.
  - Ingestion points: Data returned from Abuselpdb tools via the MCP interface.
  - Boundary markers: None present in the prompt instructions to isolate external data from instructions.
  - Capability inventory: The skill can execute various toolkit operations and manage remote connections through the Rube interface.
  - Sanitization: No explicit sanitization or validation of the data retrieved from the external API is defined in the workflow.
Audit Metadata