pp-ahrefs
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user or agent to install dependencies from external package registries and repositories:
  - npm package: `@mvanhorn/printing-press` via `npx`.
  - Go modules: `github.com/mvanhorn/printing-press-library/library/marketing/ahrefs/cmd/ahrefs-pp-cli` and `ahrefs-pp-mcp` via `go install`.
- [REMOTE_CODE_EXECUTION]: The installation procedures download and execute code from the internet at runtime. These resources are hosted on GitHub and npm under the author's namespace.
- [DATA_EXFILTRATION]: The CLI tool includes a `--deliver webhook:<url>` feature. This capability allows the agent to send the results of its SEO analysis or configuration data to an arbitrary external URL via a POST request.
- [COMMAND_EXECUTION]: The skill's primary operation involves executing the `ahrefs-pp-cli` binary with various subcommands and flags using the `Bash` tool.
- [PROMPT_INJECTION]:
  - Indirect Prompt Injection Surface: The skill ingests data from the Ahrefs API, such as backlink anchors, keyword names, and crawled page content. This is untrusted external data that can be influenced by third parties (e.g., website owners).
  - Ingestion points: CLI output results processed by the agent (e.g., in `SKILL.md`).
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the provided skill context.
  - Capability inventory: The agent possesses the capability to execute shell commands, write to files, and perform network requests via the tool's delivery system.
  - Sanitization: There is no evidence of sanitization or filtering applied to the data retrieved from the API before it is returned to the agent context.
Audit Metadata