Skills
skills/mvanhorn/printing-press-library/pp-company-goat/Gen Agent Trust Hub

pp-company-goat

Warn

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of a CLI tool and an MCP server from external sources on GitHub (github.com/mvanhorn/...) and the npm registry (@mvanhorn/printing-press).
  • [DATA_EXFILTRATION]: The tool supports a --deliver webhook:<url> flag, enabling the agent to send command outputs to any specified external endpoint.
  • [DATA_EXFILTRATION]: A local feedback system at ~/.company-goat-pp-cli/feedback.jsonl is capable of transmitting its contents to a remote server when the COMPANY_FEEDBACK_ENDPOINT variable is set.
  • [COMMAND_EXECUTION]: The skill involves executing several bash commands for installation and operation, including npx, go install, and claude mcp add.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8). Ingestion points: Data is fetched from sources like Hacker News and GitHub. Boundary markers: No delimiters are used to wrap external content. Capability inventory: The skill has bash execution, file writing, and network transmission capabilities. Sanitization: External content is processed without explicit validation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 8, 2026, 05:35 PM