moxie-automation

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it dynamically ingests tool schemas and execution plans from an external tool registry, which could contain adversarial instructions.
  • Ingestion points: Data entering the agent context via RUBE_SEARCH_TOOLS results (SKILL.md).
  • Boundary markers: Absent; the instructions do not specify delimiters or warnings for the agent to disregard natural language instructions embedded within the search results.
  • Capability inventory: The skill has access to powerful execution tools including RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH (SKILL.md).
  • Sanitization: Absent; the skill does not implement validation or filtering of the content returned from the external tool discovery service.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 06:24 PM
Security Audit — agent-trust-hub — moxie-automation