mattermost
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the mm command-line tool to perform operations such as searching and reading chat messages from Mattermost.
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the mattermost-cli package from PyPI. This package is maintained by the skill author and is the primary tool for the skill's functionality.
- [PROMPT_INJECTION]: The skill processes external chat data, creating a surface for indirect prompt injection where malicious content in Mattermost could influence agent behavior.
- Ingestion points: Chat messages and search results retrieved via mm messages and mm search.
- Boundary markers: No specific delimiters are used to isolate message content.
- Capability inventory: Access to read and search all messages available to the authenticated user.
- Sanitization: No sanitization of message content is mentioned.
Audit Metadata