close-automation
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No security threats or malicious patterns were detected. The skill provides legitimate documentation for integrating an external CRM service.
- [NO_CODE]: This skill is composed entirely of markdown documentation and does not include any Python, Node.js, or shell scripts, which significantly reduces the potential attack surface.
- [EXTERNAL_DOWNLOADS]: The skill references a remote MCP server endpoint (https://rube.app/mcp). This is a configuration requirement for the functionality described and is documented neutrally as it relates to the vendor's primary service.
- [PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection as it processes external CRM data. Ingestion points: CRM notes and lead search results via tools like CLOSE_GET_NOTE. Boundary markers: None specified in instructions. Capability inventory: Includes capabilities to create SMS messages and delete call records. Sanitization: No explicit sanitization is described in the markdown, as it relies on the underlying agent and API providers.
Audit Metadata