vero-automation
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references an external MCP server at https://rube.app/mcp which is the required endpoint for the Vero toolkit automation as documented by the vendor.\n- [COMMAND_EXECUTION]: The skill describes the use of RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH to perform automation operations on the Vero platform, which is consistent with its intended functionality.\n- [PROMPT_INJECTION]: The skill interacts with an external data source that could serve as an indirect injection surface.\n
- Ingestion points: Dynamic tool schemas retrieved via RUBE_SEARCH_TOOLS from https://rube.app/mcp.\n
- Boundary markers: Absent; the agent is instructed to use the tool definitions as provided by the server.\n
- Capability inventory: Tool execution through RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH.\n
- Sanitization: Absent; the process relies on the vendor-controlled MCP server for safe schema delivery.\n- [SAFE]: No evidence of prompt injection, data exfiltration, or obfuscation was found. The skill follows standard practices for integrating with the Composio MCP ecosystem.
Audit Metadata