Skills
skills/first-fluke/mimic/mimic-troubleshooter/Gen Agent Trust Hub

mimic-troubleshooter

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/diagnose.sh executes npm run compile to verify the project's build state. This is standard behavior for troubleshooting development environments.
  • [DATA_EXFILTRATION]: The skill accesses the user's shell configuration file (~/.zshrc) and an application-specific log file (~/.mimic/events.jsonl). While no network transmission was detected, these paths are considered sensitive.
  • [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection by reading the last line of ~/.mimic/events.jsonl in scripts/diagnose.sh. Evidence chain: 1. Ingestion point: tail -n 1 on the log file in scripts/diagnose.sh. 2. Boundary markers: Absent. 3. Capability inventory: Command execution via npm run compile. 4. Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 07:25 PM