salesmate-automation
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified through the tool discovery and execution workflow.
- Ingestion points: Data retrieved dynamically from RUBE_SEARCH_TOOLS as described in SKILL.md, which informs subsequent tool arguments and execution plans.
- Boundary markers: Absent; the skill does not instruct the agent to use delimiters or warnings to disregard potential instructions embedded in retrieved tool schemas.
- Capability inventory: The skill utilizes RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH to execute operations based on discovery results.
- Sanitization: No explicit sanitization or schema validation of search results is described before they are interpolated into execution commands.
- [EXTERNAL_DOWNLOADS]: The skill requires connection to a remote MCP server endpoint at https://rube.app/mcp, which provides the necessary tool definitions and execution infrastructure.
Audit Metadata