pp-botsee
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for downloading and installing the
botsee-pp-clibinary usingnpx -y @mvanhorn/printing-press-libraryorgo install github.com/mvanhorn/printing-press-library/.... These resources are fetched from public registries and repositories associated with the vendor. - [COMMAND_EXECUTION]: The skill facilitates the execution of the
botsee-pp-clitool to perform SEO and AI visibility audits. - [DATA_EXFILTRATION]: The CLI includes a
--deliver webhook:<url>feature that allows the output of any command to be sent to an arbitrary external URL. This represents a potential data exfiltration surface if the agent is directed to send sensitive analysis results to an attacker-controlled endpoint. - [CREDENTIALS_UNSAFE]: The skill documents commands for managing sensitive data, including creating API keys and webhooks, where secrets are returned directly in the command output for storage.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes data from untrusted external URLs.
- Ingestion points: External website content is ingested via the
ai-visibility-audit <url>command. - Boundary markers: The documentation does not specify the use of delimiters or markers to separate untrusted site content from agent instructions.
- Capability inventory: The CLI possesses capabilities to execute commands, write to the local file system, and perform network requests to webhooks.
- Sanitization: There is no documentation regarding the sanitization or validation of the content retrieved from audited URLs.
Audit Metadata