mixpanel-data
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using the mp CLI and Python scripts for data pipeline management.
- [EXTERNAL_DOWNLOADS]: The skill references documentation and configuration files from jaredmcfarland.github.io. This is a standard practice for fetching software documentation and does not include execution of untrusted scripts.
- [PROMPT_INJECTION]: The skill exposes a surface for Indirect Prompt Injection (Category 8) by ingesting untrusted data from an external API (Mixpanel).
  - Ingestion points: Untrusted data enters the agent context through fetch_events, fetch_profiles, and live segmentation queries.
  - Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions to encapsulate fetched JSON property values.
  - Capability inventory: The skill enables shell execution, local DuckDB SQL queries, and Python script generation.
  - Sanitization: There is no evidence of property sanitization or escaping before the data is processed or output to the user.
Audit Metadata