kit-automation
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to configure an MCP server at
https://rube.app/mcp, which is the official endpoint for Rube MCP provided by Composio. - [COMMAND_EXECUTION]: The skill makes use of remote execution tools (
RUBE_MULTI_EXECUTE_TOOL,RUBE_REMOTE_WORKBENCH) to automate Kit tasks via the Rube MCP interface. - [DATA_EXPOSURE]: The skill includes connection management (
RUBE_MANAGE_CONNECTIONS) to authenticate with Kit through Composio's infrastructure, which is necessary for the intended automation functionality. - [INDIRECT_PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes dynamic tool schemas returned by
RUBE_SEARCH_TOOLSto determine execution plans. - Ingestion points: Tool schemas and execution plans returned by the
RUBE_SEARCH_TOOLScommand. - Boundary markers: None identified in the provided instructions.
- Capability inventory: Subprocess execution via
RUBE_MULTI_EXECUTE_TOOLand remote environment management viaRUBE_REMOTE_WORKBENCH. - Sanitization: No explicit sanitization or validation logic is mentioned for the ingested tool schemas.
Audit Metadata