mixpanel-automation

Warn

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill requires connecting to a remote MCP endpoint at https://rube.app/mcp. This is an external dependency from an untrusted source that provides the logic for all Mixpanel interactions.
  • [COMMAND_EXECUTION] (MEDIUM): The MIXPANEL_JQL_QUERY tool permits the execution of custom JavaScript code via the JQL parameter. This constitutes dynamic code execution, which, while a feature of the target platform, represents a high-risk capability if combined with untrusted inputs.
  • [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8).
      • Ingestion points: Untrusted data enters the agent context via MIXPANEL_QUERY_PROFILES and MIXPANEL_AGGREGATE_EVENT_COUNTS (SKILL.md).
      • Boundary markers: The instructions lack any delimiters or 'ignore' instructions for data processed from Mixpanel.
      • Capability inventory: The skill has significant capabilities including writing data (MIXPANEL_PROFILE_BATCH_UPDATE) and script execution (MIXPANEL_JQL_QUERY).
      • Sanitization: No sanitization or validation of the retrieved analytics data is mentioned before it is processed by the agent.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 20, 2026, 08:18 AM