moosend-automation
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill fetches data from Moosend and has tool execution capabilities, creating a potential path for malicious instructions embedded in external Moosend data (like email content or subscriber fields) to influence agent behavior.
- Ingestion points: Data retrieved from the Moosend API through the Rube MCP toolkit.
- Boundary markers: Absent; instructions do not specify delimiters to isolate external content.
- Capability inventory: Subprocess-equivalent tool execution via
RUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCH. - Sanitization: Absent; the skill relies on the agent to interpret raw tool outputs.
- [SAFE]: The skill utilizes official integrations and endpoints from Composio (rube.app and composio.dev), which are well-known services in the AI automation space. No hardcoded credentials or malicious persistence mechanisms were detected.
Audit Metadata