integrations
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE | COMMAND_EXECUTION | DATA_EXFILTRATION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script (`scripts/connector-status.py`) to retrieve status information about various connectors.
- [DATA_EXFILTRATION]: The skill processes the `.mcp.json` configuration file and system environment variables. These sources are known to store sensitive information, including API keys and authentication credentials for MCP integrations.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it ingests data from external files and environment variables that are then used as context for the agent's response.
  - Ingestion points: Reads from `.mcp.json` and system environment variables.
  - Boundary markers: The instructions do not specify the use of delimiters or ignore-instructions for the data retrieved from these sources.
  - Capability inventory: The skill has the ability to execute shell commands via `python3` subprocesses.
  - Sanitization: There is no mention of sanitizing or validating the contents of the configuration files before they are processed.
Audit Metadata