unione-automation
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires connecting to an external MCP server at https://rube.app/mcp to facilitate tool discovery and automation.
- [COMMAND_EXECUTION]: The skill utilizes RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH to perform operations based on tool schemas retrieved dynamically from the external endpoint.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes tool schemas and execution plans from the remote RUBE_SEARCH_TOOLS endpoint.
  - Ingestion points: Data entering the agent context via RUBE_SEARCH_TOOLS and RUBE_MANAGE_CONNECTIONS.
  - Boundary markers: No specific delimiters or safety warnings are used for the retrieved remote content.
  - Capability inventory: The skill can execute multiple tools and manage connections via MCP.
  - Sanitization: There is no evidence of validation or escaping for the external schemas before they are processed by the agent.