
mocreo-api

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to execute vendor-provided Python scripts such as scripts/setup_credentials.py, v2_login.py, and v3_login.py using the run_shell_command tool to manage device data and authentication.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes data from external MOCREO API endpoints and user-supplied device identifiers.
    1. Ingestion points: Data entering the agent context includes device IDs, node IDs, and the outputs of login and data retrieval scripts.
    2. Boundary markers: No explicit delimiters or instructions are provided to the agent to treat script outputs as untrusted data or to ignore potential instructions embedded within those outputs.
    3. Capability inventory: The skill has access to the run_shell_command tool, which allows for the execution of shell commands and scripts.
    4. Sanitization: There is no evidence of input validation, output escaping, or sanitization of data returned by the API or provided by the user before it is processed or used in further operations.
  • [EXTERNAL_DOWNLOADS]: The skill manages external dependencies via a requirements.txt file. It includes a protective instruction requiring the agent to seek user approval and provide a warning before attempting to install any packages.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 09:46 AM
Security Audit — agent-trust-hub — mocreo-api