webscraping-ai-automation

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references an external MCP server endpoint at https://rube.app/mcp for connectivity. This is documented as the standard connection method for the Rube platform.
  • [COMMAND_EXECUTION]: The skill uses RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH to perform remote operations. These tools allow the agent to execute specific automation tasks within the Composio environment.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8) due to the nature of web scraping tasks.
      • Ingestion points: External web content fetched via the webscraping_ai toolkit (SKILL.md).
      • Boundary markers: Absent; there are no instructions to use delimiters or ignore instructions found within scraped data.
      • Capability inventory: High; the skill can execute multiple tools and access a remote workbench via RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH (SKILL.md).
      • Sanitization: Absent; the skill does not specify any validation or filtering for data retrieved from external URLs.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 07:11 AM