big-data-cloud-automation
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of processing external data from Big Data Cloud APIs.
- Ingestion points: Data retrieved from Big Data Cloud via tool execution (e.g.,
RUBE_MULTI_EXECUTE_TOOL). - Boundary markers: Absent; the skill does not define specific delimiters or instructions to ignore embedded commands in the data retrieved.
- Capability inventory: The skill possesses significant capabilities including tool execution via
RUBE_MULTI_EXECUTE_TOOLand remote workbench operations throughRUBE_REMOTE_WORKBENCH. - Sanitization: No explicit sanitization, validation, or escaping of external content is mentioned in the workflow instructions.
- [COMMAND_EXECUTION]: The skill enables the execution of cloud automation tools and bulk operations via
RUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCH. This capability is required for the skill's purpose but allows the agent to perform actions that could be misused if influenced by malicious external data. - [EXTERNAL_DOWNLOADS]: The skill documentation instructs users to connect to an external MCP server endpoint at
https://rube.app/mcp. This is a standard part of the setup for the Rube/Composio ecosystem, involving communication with a third-party service.
Audit Metadata