
pachca-users

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes curl commands to communicate with the Pachca API at api.pachca.com. This is consistent with the skill's purpose and uses the author's own infrastructure.
  • [DATA_EXFILTRATION]: The skill accesses and retrieves employee data, including names, emails, and phone numbers, via Pachca API endpoints. This is necessary for user management tasks.
  • [PROMPT_INJECTION]: Potential for Indirect Prompt Injection exists due to the processing of external data.
      (1) Ingestion points: The skill retrieves user-generated content from the Pachca API, such as names and status messages (away_message).
      (2) Boundary markers: No explicit delimiters or instructions are provided to distinguish between the API data and the agent's system instructions.
      (3) Capability inventory: The agent has the ability to perform administrative actions, such as creating or deleting users, based on the context provided by this data.
      (4) Sanitization: There is no evidence of data sanitization or validation before the content is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 7, 2026, 03:43 PM