pushover-automation
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill facilitates automation through a well-known third-party platform (Composio) and uses standard authentication and connection management workflows.
- [EXTERNAL_DOWNLOADS]: The skill references external resources including the Composio documentation and the Rube MCP server endpoint. These are official service endpoints required for the skill's primary functionality.
- [INDIRECT_PROMPT_INJECTION]: The skill employs dynamic tool discovery, fetching schemas from an external server at runtime. While this is a standard design for MCP-based integrations, it establishes an architectural ingestion point for external data.
- Ingestion points: Tool schemas and execution plans are retrieved from the MCP server via
RUBE_SEARCH_TOOLSandRUBE_GET_TOOL_SCHEMAS. - Boundary markers: The skill does not define specific delimiters for separating tool output from agent instructions.
- Capability inventory: The skill utilizes
RUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCHto perform actions based on discovered tool definitions. - Sanitization: No explicit validation or filtering of the dynamic schemas is present in the skill instructions.
Audit Metadata