pp-botsee

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions for downloading and installing the botsee-pp-cli binary using npx -y @mvanhorn/printing-press-library or go install github.com/mvanhorn/printing-press-library/.... These resources are fetched from public registries and repositories associated with the vendor.
  • [COMMAND_EXECUTION]: The skill facilitates the execution of the botsee-pp-cli tool to perform SEO and AI visibility audits.
  • [DATA_EXFILTRATION]: The CLI includes a --deliver webhook:<url> feature that allows the output of any command to be sent to an arbitrary external URL. This represents a potential data exfiltration surface if the agent is directed to send sensitive analysis results to an attacker-controlled endpoint.
  • [CREDENTIALS_UNSAFE]: The skill documents commands for managing sensitive data, including creating API keys and webhooks, where secrets are returned directly in the command output for storage.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes data from untrusted external URLs.
  • Ingestion points: External website content is ingested via the ai-visibility-audit <url> command.
  • Boundary markers: The documentation does not specify the use of delimiters or markers to separate untrusted site content from agent instructions.
  • Capability inventory: The CLI possesses capabilities to execute commands, write to the local file system, and perform network requests to webhooks.
  • Sanitization: There is no documentation regarding the sanitization or validation of the content retrieved from audited URLs.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 25, 2026, 01:34 AM
Security Audit — agent-trust-hub — pp-botsee