brevo-automation
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the configuration of an external MCP server endpoint at
https://rube.app/mcp. This is the official endpoint for the Rube/Composio integration platform and is considered a well-known service reference.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by ingesting untrusted data from the Brevo API. - Ingestion points: Campaign and template data are retrieved via
BREVO_LIST_EMAIL_CAMPAIGNSandBREVO_GET_ALL_EMAIL_TEMPLATES. - Boundary markers: The instructions lack explicit delimiters or warnings to ignore embedded instructions within retrieved email bodies or subjects.
- Capability inventory: The skill has the ability to modify campaigns and templates through
BREVO_UPDATE_EMAIL_CAMPAIGNandBREVO_CREATE_OR_UPDATE_EMAIL_TEMPLATE. - Sanitization: No sanitization or validation of the external content is described in the workflow.
Audit Metadata