recruitee-automation
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs the agent to connect to an external Model Context Protocol (MCP) server at
https://rube.app/mcpand references toolkit documentation atcomposio.dev. These resources provide the tool definitions and schemas necessary for the skill's automation functions.- [COMMAND_EXECUTION]: Instructions provide a workflow for executing tools viaRUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCH. These tools allow the agent to perform operations on the Recruitee platform based on schemas discovered at runtime.- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it fetches dynamic execution plans and tool schemas from a remote endpoint (RUBE_SEARCH_TOOLS). - Ingestion points: Remote data retrieved from
RUBE_SEARCH_TOOLS(SKILL.md). - Boundary markers: None provided to distinguish between vendor instructions and potential data-embedded commands.
- Capability inventory: Subprocess-like execution via
RUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCH(SKILL.md). - Sanitization: No explicit validation or sanitization of the fetched tool schemas is described.
Audit Metadata