pp-printing-press-rich

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill is distributed via the @mvanhorn/printing-press-library npm package and GitHub releases. These are well-known services and the vendor's official distribution channels.
  • [COMMAND_EXECUTION]: The skill's primary function is to execute the local binary printing-press-rich-pp-cli to interact with service APIs and local data stores.
  • [CREDENTIALS_UNSAFE]: The tool manages several sensitive credentials (e.g., RICH_AUTH_API_KEY, RICH_AUTH_CLIENT_SECRET) using standard environment variables and a dedicated credentials.toml file. The documentation correctly identifies these as sensitive and provides commands for secure management.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 04:52 AM
Security Audit — agent-trust-hub — pp-printing-press-rich