pp-archive-is
Pass
Audited by Gen Agent Trust Hub on May 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation provides instructions to download and install executable code from external registries.
- Uses
npxto install the@mvanhorn/printing-presspackage from the NPM registry. - Uses
go installto download and compile thearchive-is-pp-clitool directly from a GitHub repository. - [COMMAND_EXECUTION]: The skill is built around the execution of a local binary (
archive-is-pp-cli) to perform web archival and retrieval operations. - [DATA_EXFILTRATION]: The CLI includes a
--deliverflag that allows the agent to route the output of its operations to arbitrary external webhooks or local file paths. - This feature enables the transfer of retrieved article text or metadata to third-party network endpoints, which could be misused to exfiltrate data if a malicious destination is provided.
- [PROMPT_INJECTION]: The skill ingests and processes data from external sources, creating a risk of indirect prompt injection.
- Ingestion points: The tool fetches article text and HTML from third-party archive backends (archive.today and the Wayback Machine) based on user-provided URLs.
- Boundary markers: There are no explicit instructions or delimiters used to prevent the agent from following instructions that might be embedded in the archived content.
- Capability inventory: The agent has the ability to write to the local file system and perform network requests via the CLI's
--deliverandfeedbackfeatures. - Sanitization: The skill does not describe any sanitization or filtering of the fetched content before it is processed by the agent.
Audit Metadata