skills/jeremylongshore/claude-code-plugins-plus-skills/mistral-deploy-integration/Gen Agent Trust Hub
mistral-deploy-integration
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: Uses platform CLI tools including Vercel, Docker, and gcloud to manage environment variables, create secrets, and deploy application containers.
- [EXTERNAL_DOWNLOADS]: References the official Mistral AI SDK (@mistralai/mistralai) and well-known container images from Docker Hub (vllm/vllm-openai) and Google Container Registry.
- [PROMPT_INJECTION]: Identifies an indirect prompt injection surface where user-supplied message data is passed to the Mistral AI API.
  1. Ingestion points: `req.json()` in `api/chat.ts` extracts `messages`.
  2. Boundary markers: Absent; messages are interpolated directly into the API request.
  3. Capability inventory: Uses `@mistralai/mistralai` to perform chat completions and streaming.
  4. Sanitization: Absent; input is passed directly to the model provider as per standard integration patterns.
- [DATA_EXFILTRATION]: Provides instructions for secure secret management, including adding `.env` files to `.gitignore` to prevent credential exposure in version control systems.
Audit Metadata