pp-ahrefs

Warn

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses $ARGUMENTS directly within shell commands in the Direct Use section without apparent sanitization. This pattern allows for command injection if user-provided input contains shell metacharacters such as pipes or semicolons.- [DATA_EXFILTRATION]: The ahrefs-pp-cli tool supports a --deliver webhook:<url> flag. This feature allows the agent to send command outputs, which may contain sensitive SEO or project data, to arbitrary external URLs.- [CREDENTIALS_UNSAFE]: The documentation identifies ~/.config/ahrefs-pp-cli/config.toml and the AHREFS_API_KEY environment variable as locations for storing sensitive authentication credentials, providing a specific target for potential credential harvesting.- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install CLI binaries using npx and go install from repositories associated with the skill's author.- [PROMPT_INJECTION]: There is an indirect prompt injection surface where untrusted data can influence tool behavior. Ingestion points: $ARGUMENTS in SKILL.md. Boundary markers: Absent. Capability inventory: Access to ahrefs-pp-cli and Bash tool. Sanitization: No explicit sanitization of input is mentioned before command execution.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 15, 2026, 02:32 PM
Security Audit — agent-trust-hub — pp-ahrefs