pushbullet-automation
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires configuration of an external MCP server endpoint (https://rube.app/mcp) to provide the Pushbullet toolkit functionality.
- [COMMAND_EXECUTION]: The workflow leverages RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH to execute automation tasks, granting the agent the ability to run tools and interact with a remote environment.
- [PROMPT_INJECTION]: The skill has a vulnerability surface for indirect prompt injection due to its handling of untrusted external content. * Ingestion points: The agent reads message and notification content from Pushbullet through the toolkit. * Boundary markers: There are no specific instructions or delimiters provided to the agent to treat data from Pushbullet as untrusted. * Capability inventory: The agent has access to powerful execution tools like RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH. * Sanitization: The provided files do not specify any sanitization or validation of the data retrieved from external sources.
Audit Metadata