mixpanel-automation

[Skill Scanner] Backtick command substitution detected All findings: [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] BENIGN: The fragment is a configuration/spec manifest for Mixpanel automation via Rube MCP. It aligns with its stated purpose, uses trusted sources (public MCP endpoint), maintains proportional access to Mixpanel APIs, and does not exhibit data exfiltration or malicious behavior in itself. LLM verification: SUSPICIOUS / CAUTION ADVISED — The content itself is an operational description for automating Mixpanel via a Composio/Rube MCP toolkit and does not contain explicit malware or obfuscated code. However, the requirement to route authentication and all API traffic through a third-party MCP endpoint (https://rube.app/mcp) and the acceptance of arbitrary JQL scripts and batch profile writes create a realistic credential-exfiltration and mass-data-modification risk. Before trusting or deploying this