pp-alaska-airlines
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFEDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install a command-line interface via
npx -y @mvanhorn/printing-press. As the package is within the author's own namespace, it is considered a legitimate dependency for the tool's intended use.\n- [CREDENTIALS_UNSAFE]: The documentation describes an authentication process that extracts cookies from the user's Chrome profile via the macOS keychain. This is a functional requirement for the tool to interact with Alaska Airlines APIs as an authenticated user and is handled by the external binary.\n- [DATA_EXFILTRATION]: The CLI tool includes a feedback mechanism that can optionally send data to a user-configured remote endpoint. This feature is documented, inactive by default, and requires the manual setting of environment variables.\n- [COMMAND_EXECUTION]: The skill guides the agent to run thealaska-airlines-pp-clibinary with various flags to perform legitimate tasks such as flight searches, reward balance checks, and airport lookups.
Audit Metadata