Skills
skills/sickn33/antigravity-awesome-skills/bitbucket-automation/Gen Agent Trust Hub

bitbucket-automation

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires connection to a remote MCP server at https://rube.app/mcp to fetch tool schemas and execute Bitbucket operations.
  • [COMMAND_EXECUTION]: The skill exposes high-impact tools such as BITBUCKET_DELETE_REPOSITORY and BITBUCKET_DELETE_ISSUE which perform irreversible actions on the user's Bitbucket workspace.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the processing of untrusted data from external repository contributors.
  • Ingestion points: Untrusted data enters the agent context via BITBUCKET_GET_PULL_REQUEST, BITBUCKET_LIST_ISSUES, and BITBUCKET_GET_PULL_REQUEST_DIFF (fetching PR descriptions, issue comments, and code diffs).
  • Boundary markers: The instructions do not specify any delimiters or safety warnings to ignore embedded instructions in the fetched data.
  • Capability inventory: The skill possesses the ability to create, update, and delete repositories, issues, and pull requests.
  • Sanitization: There is no mention of sanitization or filtering of external content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 09:30 AM