pp-amazon-orders
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the
amazon-orders-pp-cliandamazon-orders-pp-mcptools usinggo installfromgithub.com/mvanhorn/printing-press-libraryandnpxfrom@mvanhorn/printing-press. These resources are provided by the skill's author to enable its core functionality. - [DATA_EXFILTRATION]: The CLI tool features a
--deliver webhook:<url>flag, which allows the output of commands (such as order history or spending reports) to be sent to an external URL. This is a documented capability for data routing and is controlled by the user or agent via command-line arguments. - [PROMPT_INJECTION]: The skill parses untrusted data from Amazon order pages, which presents a surface for indirect prompt injection.
- Ingestion points: Data is ingested from Amazon order detail pages and listings via the
syncandorders listcommands. - Boundary markers: No specific delimiters or instructions to ignore embedded content are provided in the current prompt guidance.
- Capability inventory: The skill has access to shell execution via
Read Bash, as well as the ability to write to files and send network requests via the tool's delivery sinks. - Sanitization: The documentation does not specify sanitization or validation of the scraped HTML content before it is processed by the agent.
- [COMMAND_EXECUTION]: The skill includes instructions for secure environment setup that use
shredandrmto clean up temporary authentication files, which is a defensive security practice.
Audit Metadata