bolt-iot-automation
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references documentation and an MCP server endpoint from official Composio and Rube domains (composio.dev and rube.app).
- [COMMAND_EXECUTION]: Instructs the agent to perform IoT tasks by executing tools discovered via the Rube MCP interface using
RUBE_MULTI_EXECUTE_TOOL. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it relies on tool schemas and instructions fetched dynamically from an external source at runtime to determine its next actions.
- Ingestion points: Results from
RUBE_SEARCH_TOOLSprovided by the external MCP server. - Boundary markers: None specified in the instructions for separating external schema data from system prompts.
- Capability inventory:
RUBE_MULTI_EXECUTE_TOOL,RUBE_REMOTE_WORKBENCHinSKILL.md. - Sanitization: No explicit sanitization or validation of external tool metadata is described.
Audit Metadata