etermin-automation
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a guide for integrating Etermin automation via the Rube MCP server. The workflows described—tool discovery, connection verification, and tool execution—are standard for the Composio ecosystem.
- [PROMPT_INJECTION]: The skill was evaluated for Indirect Prompt Injection (Category 8) vulnerability surfaces.
- Ingestion points: The agent ingests external data in the form of tool schemas and recommended execution plans from the
RUBE_SEARCH_TOOLSoutput. - Boundary markers: No explicit delimiters or safety warnings regarding the content of the search results are present in the instructions.
- Capability inventory: The skill utilizes
RUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCHto execute commands based on the ingested metadata. - Sanitization: There is no evidence of sanitization or validation of the schemas retrieved from the remote MCP server.
- Assessment: While the skill creates a surface where the agent acts on externally provided metadata, this behavior is the core intended functionality of the Rube/Composio automation pattern and does not constitute a malicious finding in this context.
Audit Metadata