trello-automation
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the user to configure a remote MCP server at https://rube.app/mcp. This external service acts as a proxy for Trello API calls and manages authentication.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from Trello boards that could contain malicious instructions.
  - Ingestion points: Data enters the agent's context through tools like TRELLO_GET_SEARCH and TRELLO_GET_BOARDS_CARDS_BY_ID_BOARD which read card titles, descriptions, and comments.
  - Boundary markers: The skill lacks explicit instructions or delimiters to isolate data retrieved from Trello from the agent's internal logic.
  - Capability inventory: The skill possesses significant write capabilities, including TRELLO_ADD_CARDS, TRELLO_UPDATE_CARDS_BY_ID_CARD, and TRELLO_ADD_CARDS_ATTACHMENTS_BY_ID_CARD, which could be abused if an injection is successful.
  - Sanitization: No sanitization or validation logic is defined for the content retrieved from external Trello sources.
Audit Metadata