make-automation
Warn
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the configuration of an external MCP server hosted at
https://rube.app/mcp. This represents a dependency on a third-party service provider that is not included in the trusted vendors list. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing external data from Make (Integromat) scenarios.
- Ingestion points: Data retrieved via the
MAKE_GET_OPERATIONStool, which fetches operation records and logs from external automation scenarios. - Boundary markers: The skill does not define specific delimiters or instructions to the agent to ignore or isolate instructions embedded within the retrieved scenario data.
- Capability inventory: The skill possesses capabilities to read scenario metadata, list enums, and manage connections.
- Sanitization: No sanitization, escaping, or validation logic is specified for the data returned from the Make API before it is processed by the agent.
Audit Metadata