asana-automation
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the configuration of an external MCP server located at https://rube.app/mcp. This endpoint is the legitimate infrastructure for the Rube MCP service utilized by the skill.
- [PROMPT_INJECTION]: The skill processes untrusted data from Asana, which constitutes a surface for indirect prompt injection.
- Ingestion points: Data is ingested through tools like ASANA_GET_A_TASK and ASANA_SEARCH_TASKS_IN_WORKSPACE.
- Boundary markers: There are no explicit boundary markers or instructions to disregard potential commands found within the ingested Asana content.
- Capability inventory: The skill possesses write capabilities, such as ASANA_CREATE_A_TASK and ASANA_SUBMIT_PARALLEL_REQUESTS, which could be leveraged if an injection occurs.
- Sanitization: No sanitization or validation of external task data is specified in the skill description.
Audit Metadata