pachca-profile
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands using the
pachcaCLI tool andnpxto perform profile management tasks. - [EXTERNAL_DOWNLOADS]: Fetches and runs the
@pachca/clipackage from the npm registry vianpxand suggests global installation usingnpm install. - [DATA_EXFILTRATION]: The skill manages a sensitive authentication token (
PACHCA_TOKEN) which is used to authenticate requests to external Pachca API endpoints. - [PROMPT_INJECTION]: The skill exhibits vulnerability to indirect prompt injection by ingesting untrusted data from the user's Pachca profile (such as status messages, nicknames, and custom properties) into the agent's context.
- Ingestion points: Data returned by
pachca profile getandpachca profile get-infocommands. - Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore potentially malicious content within the fetched profile data.
- Capability inventory: The skill possesses shell execution capabilities via the
pachcaCLI andnpxtools. - Sanitization: There is no evidence of sanitization or validation of the data retrieved from the API before it is processed by the agent.
Audit Metadata