Skills
skills/aaaaqwq/agi-super-skills/mixpanel-automation/Gen Agent Trust Hub

mixpanel-automation

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [NO_CODE]: The skill consists of a single markdown file containing documentation and instructions. No Python, Node.js, or other source code files are included in the skill package.
  • [PROMPT_INJECTION]: The skill defines an indirect prompt injection attack surface as it processes analytics data from Mixpanel.
  • Ingestion points: Data enters the agent's context through tools like MIXPANEL_QUERY_PROFILES and MIXPANEL_AGGREGATE_EVENT_COUNTS.
  • Boundary markers: No boundary markers or instructions to ignore embedded commands in the retrieved data are provided.
  • Capability inventory: The agent can modify data via MIXPANEL_PROFILE_BATCH_UPDATE and execute custom logic via MIXPANEL_JQL_QUERY.
  • Sanitization: The skill does not define any sanitization or validation steps for the external data ingested from Mixpanel.
  • [EXTERNAL_DOWNLOADS]: The documentation directs users to configure an external MCP server at https://rube.app/mcp. This is a third-party dependency not included in the trusted vendors list.
  • [COMMAND_EXECUTION]: The skill utilizes the MIXPANEL_JQL_QUERY tool which executes custom JavaScript-based logic on the Mixpanel platform.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 07:56 AM