mixpanel-automation
Warn
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill documentation instructs users to configure an external MCP server at https://rube.app/mcp. This domain is not a trusted source, delegating tool definitions and execution logic to an unverified third party.
- REMOTE_CODE_EXECUTION (MEDIUM): The MIXPANEL_JQL_QUERY tool enables the execution of custom JavaScript-based JQL code. This dynamic execution capability is a potential vector for script injection if untrusted data is included in the query script.
- DATA_EXFILTRATION (LOW): By using rube.app as a proxy for Mixpanel API calls, sensitive project data and user profiles are transmitted to an external service, increasing the risk of data exposure.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection as it processes untrusted analytics data from Mixpanel. 1. Ingestion points: MIXPANEL_QUERY_PROFILES, MIXPANEL_AGGREGATE_EVENT_COUNTS. 2. Boundary markers: Absent. 3. Capability inventory: MIXPANEL_PROFILE_BATCH_UPDATE, MIXPANEL_JQL_QUERY. 4. Sanitization: Absent.
Audit Metadata