make-automation
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions direct users to add an external MCP server endpoint (
https://rube.app/mcp). This establishes a dependency on third-party infrastructure for executing the Make toolkit capabilities.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted data from external sources.\n - Ingestion points:
MAKE_GET_OPERATIONStool is used to retrieve scenario records and logs from Make inSKILL.md.\n - Boundary markers: No specific delimiters or safety instructions are provided to the agent to treat the retrieved Make data as untrusted content.\n
- Capability inventory: The skill utilizes powerful capabilities including connection management (
RUBE_MANAGE_CONNECTIONS) and remote processing (RUBE_REMOTE_WORKBENCH) as described inSKILL.md.\n - Sanitization: There is no logic or instruction for sanitizing or validating the data returned from the Make API before it is incorporated into the agent's context.
Audit Metadata