supadata-automation
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists exclusively of markdown documentation and prompt instructions. It does not contain any executable scripts, binaries, or configuration files that pose a security risk.
- [EXTERNAL_DOWNLOADS]: The installation command in the metadata fetches the SKILL.md file from the author's public GitHub repository (ComposioHQ). This is a standard installation method for markdown-based skills and does not involve executing untrusted code.
- [COMMAND_EXECUTION]: The instructions describe using Model Context Protocol (MCP) tools such as
RUBE_SEARCH_TOOLSandRUBE_MULTI_EXECUTE_TOOL. These interactions are governed by the agent's MCP environment and are intended for the skill's documented automation purposes. - [INDIRECT_PROMPT_INJECTION]: The skill utilizes
RUBE_SEARCH_TOOLSto dynamically fetch tool schemas and execution plans. While this ingests external data into the agent's context, it is the defined mechanism for discovering current tool capabilities and does not bypass safety guidelines.
Audit Metadata