mixpanel-automation
Audited by Socket on Feb 15, 2026
1 alert found:
Obfuscated File
No explicit malicious code is present in this skill documentation. However, the architecture centralizes Mixpanel access through a third-party MCP endpoint (https://rube.app/mcp) and permits high-impact operations (arbitrary JQL execution and bulk profile updates) without documenting credential handling, scoping, or audit controls. This creates a meaningful supply-chain and data-exfiltration risk if the MCP operator or service is untrusted or compromised.
Recommendations: require per-user OAuth tokens forwarded by the client (not a shared managed credential), document token storage/rotation/audit, restrict or vet JQL execution and bulk updates (allow only vetted scripts or apply least-privilege roles), and perform independent security review of the MCP service before trusting it with production Mixpanel connections.