integrations
Warn
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local script using the command
python3 scripts/connector-status.py --action statusto retrieve integration data. This script is part of the skill package authored by indranilbanerjee. - [CREDENTIALS_UNSAFE]: The process involves reading the
.mcp.jsonconfiguration file and system environment variables. Accessing these sources is a risk as they are standard locations for sensitive API keys, tokens, and authentication credentials for third-party services. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it processes data from external, potentially untrusted configuration sources.
- Ingestion points: System environment variables and the
.mcp.jsonconfiguration file. - Boundary markers: None. The skill does not use delimiters or instructions to ignore instructions embedded within the connector metadata.
- Capability inventory: The skill executes local shell commands via the
connector-status.pyscript. - Sanitization: No sanitization or validation of the retrieved configuration data is performed before displaying it in the dashboard output.
Audit Metadata