emaillistverify-automation
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documentation describes standard integration procedures for the Emaillistverify toolkit via Composio's Rube MCP infrastructure. No malicious commands, obfuscation, or unauthorized data access patterns were identified.
- [INDIRECT_PROMPT_INJECTION]: The skill relies on dynamically discovered tool schemas and execution plans from a remote MCP server (rube.app). This creates an inherent surface for indirect prompt injection if the remote service provides malicious instructions.
- Ingestion points: Data returned by RUBE_SEARCH_TOOLS and RUBE_GET_TOOL_SCHEMAS as described in SKILL.md.
- Boundary markers: None identified; the instructions encourage direct adoption of returned tool slugs and argument schemas.
- Capability inventory: The agent can execute remote operations through RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH based on these inputs.
- Sanitization: The instructions do not specify any validation or sanitization steps for the retrieved tool metadata.
Audit Metadata