mosquitto

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Utilizes systemctl for managing the Mosquitto service and ufw for firewall configuration to allow traffic on standard MQTT ports (1883, 8883, 9001).
  • [COMMAND_EXECUTION]: Provides command templates for mosquitto_pub, mosquitto_sub, and mosquitto_passwd to facilitate broker interaction and authentication management.
  • [EXTERNAL_DOWNLOADS]: References software installation through official Linux distribution package managers (apt, dnf) and standard language-specific registries for the paho-mqtt Python package and mqtt Node.js package.
  • [PROMPT_INJECTION]: Identifies an indirect prompt injection surface due to the processing of untrusted MQTT message payloads.
      • Ingestion points: MQTT message payloads used in mosquitto_pub arguments or received via mosquitto_sub.
      • Boundary markers: None defined within the command templates provided.
      • Capability inventory: High-privilege actions including service control, firewall adjustments, and credential management.
      • Sanitization: No explicit content filtering or escaping of message data is documented.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 01:37 PM