skills/jeremylongshore/claude-code-plugins-plus-skills/mistral-upgrade-migration/Gen Agent Trust Hub
mistral-upgrade-migration
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation and update of official Mistral AI SDKs from verified registries (NPM and PyPI). These are standard operations for a migration tool.
- [COMMAND_EXECUTION]: The skill uses shell commands for package management (npm, pip) and version control (git). Access is appropriately restricted via the
allowed-toolsconfiguration to specific executable scopes. - [DATA_EXPOSURE]: The skill demonstrates safe handling of sensitive information by suggesting the use of environment variables (e.g.,
MISTRAL_API_KEY_TEST) rather than hardcoding credentials. - [INDIRECT_PROMPT_INJECTION]: The skill contains a migration script that reads local source code files (
src/**/*.{ts,js}) to perform regex-based updates. While this represents a data ingestion surface, the operations are limited to string replacements for known SDK patterns and are consistent with the skill's primary purpose of code migration.
Audit Metadata