onesignal-user-auth-automation

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill directs users to add the Rube MCP server endpoint at https://rube.app/mcp, which is used to provide tool definitions and execution capabilities.
  • [COMMAND_EXECUTION]: The skill leverages tools such as RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH to execute operations on the OneSignal platform via the remote MCP infrastructure.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface due to the dynamic ingestion of tool schemas and recommended execution plans from the remote server.
  • Ingestion points: Data retrieved via RUBE_SEARCH_TOOLS from the MCP server.
  • Boundary markers: None identified in the skill instructions.
  • Capability inventory: File contains RUBE_MULTI_EXECUTE_TOOL, RUBE_REMOTE_WORKBENCH, and RUBE_MANAGE_CONNECTIONS for executing remote tasks and managing credentials.
  • Sanitization: There are no mentioned mechanisms for sanitizing or validating the schemas returned by the discovery tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 12:16 PM
Security Audit — agent-trust-hub — onesignal-user-auth-automation