The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/agent.py uses the subprocess.run function to execute the curl binary for Mimecast API interaction. While it spawns an external process, the arguments are passed as a list, which effectively prevents shell injection vulnerabilities.
[DATA_EXFILTRATION]: The skill transmits authentication credentials to official Mimecast API endpoints (mimecast.com). This is the intended functionality of the tool for legitimate monitoring and involves a well-known technology service.
[PROMPT_INJECTION]: The analysis scripts ingest untrusted data from email logs (sender addresses, URLs). This presents a potential surface for indirect prompt injection if the resulting JSON reports are processed by an AI agent.
Ingestion points: scripts/agent.py (via Mimecast API click logs) and scripts/process.py (via log file parsing).
Boundary markers: The output is formatted as structured JSON, which provides logical separation, but no explicit security delimiters are used for string content.
Capability inventory: The skill performs network requests via curl and writes report files to the local system.
Sanitization: Standard JSON encoding is applied; however, no specific content filtering or sanitization of string values from the logs is implemented.

implementing-mimecast-targeted-attack-protection