moxie-automation
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it dynamically ingests tool schemas and execution plans from an external tool registry, which could contain adversarial instructions.
- Ingestion points: Data entering the agent context via
RUBE_SEARCH_TOOLSresults (SKILL.md). - Boundary markers: Absent; the instructions do not specify delimiters or warnings for the agent to disregard natural language instructions embedded within the search results.
- Capability inventory: The skill has access to powerful execution tools including
RUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCH(SKILL.md). - Sanitization: Absent; the skill does not implement validation or filtering of the content returned from the external tool discovery service.
Audit Metadata