virustotal-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to call RUBE_SEARCH_TOOLS and RUBE_MULTI_EXECUTE_TOOL against the public Virustotal toolkit (via Rube MCP) to fetch tool schemas and results from the external Virustotal service, so the agent will ingest and act on potentially untrusted, user-submitted third-party content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires connecting to an external MCP at https://rube.app/mcp and calls RUBE_SEARCH_TOOLS / RUBE_MANAGE_CONNECTIONS at runtime to fetch tool schemas and recommended execution plans which directly determine agent instructions and tool execution.