mastering-confluence
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (LOW): The scripts mermaid_renderer.py and render_mermaid.py use subprocess.run to execute the external mmdc (Mermaid CLI) tool. Although implemented safely with argument lists to prevent shell injection, the tool processes input diagrams derived from Markdown files, which represents an indirect prompt injection surface if the external renderer is vulnerable to malicious input.
- [EXTERNAL_DOWNLOADS] (LOW): The skill's documentation and installation guides recommend downloading and installing external tools like mermaid-cli and the mark CLI from non-whitelisted GitHub repositories (kovetskiy/mark). This introduces a dependency on unverified third-party software.
- [DATA_EXPOSURE] (LOW): The authentication helper confluence_auth.py automatically scans the filesystem for sensitive files, including ~/.config/mcp/.mcp.json and various .env variants, to discover Atlassian API tokens. While designed for convenience, this capability could be exploited by a compromised agent session to discover and expose credentials from the host system.
Audit Metadata