Kommo Automation

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill configuration references an external MCP server at https://rube.app/mcp. This is a vendor-provided endpoint used to bridge tool execution for the Composio integration.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external data from Kommo CRM (leads, custom fields, tasks) which introduces a theoretical surface for indirect prompt injection. Malicious content within CRM records could potentially influence the agent's behavior during data processing.
    • Ingestion points: KOMMO_LIST_LEADS and KOMMO_LIST_CUSTOM_FIELDS in SKILL.md.
    • Boundary markers: None explicitly defined in the instructions.
    • Capability inventory: Tools for creating and updating leads/tasks (KOMMO_CREATE_LEAD, KOMMO_UPDATE_LEAD, KOMMO_CREATE_TASK) are provided in SKILL.md.
    • Sanitization: Not explicitly mentioned in the skill instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 4, 2026, 05:20 PM