Skills
skills/sickn33/antigravity-awesome-skills/pipedrive-automation/Gen Agent Trust Hub

pipedrive-automation

Warn

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires connecting to https://rube.app/mcp, an external MCP server that provides the operational tools. This dependency on unverified third-party infrastructure can compromise tool integrity.
  • [DATA_EXFILTRATION]: CRM data processed by the skill is sent to the rube.app endpoint, which is not a verified trusted service, increasing the risk of data exposure.
  • [PROMPT_INJECTION]: The skill lacks defenses against indirect prompt injection from CRM content. Ingestion points: PIPEDRIVE_GET_ALL_NOTES, PIPEDRIVE_SEARCH_PERSONS. Boundary markers: Absent. Capability inventory: Tools include sensitive actions like PIPEDRIVE_DELETE_A_PERSON. Sanitization: None implemented.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 14, 2026, 09:07 AM