remarkety-automation
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs the agent to connect to a remote MCP server (https://rube.app/mcp) and execute tools through the RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH commands.
- [PROMPT_INJECTION]: The skill utilizes a dynamic discovery pattern where the agent retrieves tool schemas and execution instructions from RUBE_SEARCH_TOOLS results. This introduces an indirect prompt injection surface if the remote server provides adversarial content.
  1. Ingestion points: data returned by RUBE_SEARCH_TOOLS in SKILL.md.
  2. Boundary markers: absent.
  3. Capability inventory: tool execution and remote workbench access via RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH.
  4. Sanitization: none identified.
Audit Metadata