micepad
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the
micepadCLI to perform administrative operations on event data. It executes various subcommands to create, update, and delete entities like events, registration forms, and groups.\n- [DATA_EXFILTRATION]: Provides functionality to export participant and event data to local files via themicepad pax exportcommand, which involves handling sensitive attendee information.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through data ingestion.\n - Ingestion points: The agent retrieves potentially untrusted data from the Micepad platform using commands such as
micepad pax show,micepad pax list, andmicepad campaigns show, which include participant-provided names, form responses, and campaign content.\n - Boundary markers: The instructions do not specify the use of delimiters or warnings to ignore instructions embedded within the data retrieved from external commands.\n
- Capability inventory: The agent has permissions to execute a broad set of CLI commands that can modify event configurations, manage user data, and send communications to participants.\n
- Sanitization: There are no requirements for the agent to validate or sanitize the data retrieved from the Micepad service before using it to inform subsequent actions or responses.
Audit Metadata