pachca-users
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands using the '@pachca/cli' tool to perform administrative actions such as user creation, deletion, and status updates.
- [EXTERNAL_DOWNLOADS]: The skill uses npx to download and execute the vendor's '@pachca/cli' package from the official NPM registry.
- [PROMPT_INJECTION]: The skill processes employee-generated content (names, emails, status messages) retrieved from the Pachca API, which creates a potential indirect prompt injection surface.
  - Ingestion points: Employee data is retrieved using 'pachca users list' and 'pachca users get' as specified in SKILL.md.
  - Boundary markers: No explicit delimiters or instructions are used to isolate untrusted data from the agent's context.
  - Capability inventory: The skill is granted access to the Bash tool for command execution.
  - Sanitization: No data sanitization or validation mechanisms are described for the retrieved API data.