pexels-automation

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the configuration of a remote MCP server at https://rube.app/mcp. This is the intended endpoint for accessing the Composio toolkit and does not involve the execution of unverified scripts.
  • [PROMPT_INJECTION]: The skill architecture includes a surface for indirect prompt injection as it retrieves tool schemas and execution plans from an external service at runtime. This is a functional requirement for the Rube/Composio framework to ensure compatibility with API updates.
  • Ingestion points: Tool slugs, input schemas, and execution plans returned by the RUBE_SEARCH_TOOLS endpoint.
  • Boundary markers: Not explicitly defined in the provided instructions; the agent is instructed to follow the schema provided by the service.
  • Capability inventory: Includes RUBE_MULTI_EXECUTE_TOOL for tool execution and RUBE_REMOTE_WORKBENCH for batch operations.
  • Sanitization: The skill relies on the agent's internal tool-calling safety mechanisms and the structured schema validation provided by the MCP service.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 12:16 PM
Security Audit — agent-trust-hub — pexels-automation