pp-airbnb
Warn
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, REMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the `airbnb-pp-cli` tool using `npx` and `go install` from repositories owned by the author (github.com/mvanhorn/...). This involves downloading and executing code from external sources during setup.
- [REMOTE_CODE_EXECUTION]: The use of `npx -y @mvanhorn/printing-press` directly fetches and executes a package from the npm registry. Similarly, `go install` downloads and compiles remote source code into executable binaries.
- [DATA_EXFILTRATION]: The CLI tool features a `--deliver webhook:<url>` option. This allows the agent to transmit command outputs, which may contain user listing data, wishlist details, or trip plans, to any external server.
- [DATA_EXFILTRATION]: The `feedback` command and associated environment variables (`AIRBNB_PP_FEEDBACK_AUTO_SEND`, `AIRBNB_PP_FEEDBACK_ENDPOINT`) enable the transmission of local data to remote endpoints.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using the `Read Bash` tool. The direct mapping of user-supplied `$ARGUMENTS` to command-line parameters without explicit sanitization patterns poses a potential risk of command injection.
- [CREDENTIALS_UNSAFE]: The tool manages authenticated sessions (cookies) for Airbnb via `auth login --chrome`, which involves handling sensitive session information locally to access user data like wishlists.
Audit Metadata