micepad-admin
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to interact extensively with the local environment by executing the
micepadCLI binary with various administrative arguments. - [DATA_EXFILTRATION]: The skill provides commands to access sensitive platform data, including login sessions, IP addresses, user emails, and location data via
micepad admin users sessions USER_ID. While the skill includes a directive to never expose sensitive user data in responses, the agent itself processes this information in its context. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through data ingestion from the Micepad platform.
- Ingestion points: Data enters the agent context through the output of commands like
micepad admin users,micepad admin accounts, andmicepad admin gatherings(SKILL.md). - Boundary markers: Absent. The instructions do not define delimiters or provide warnings to the agent to disregard instructions potentially embedded in the CLI output.
- Capability inventory: The skill can execute various CLI commands and audit sensitive platform activity across all scripts.
- Sanitization: Absent. There is no mention of escaping or validating the content returned by the CLI before the agent processes it.
Audit Metadata