pp-context-dev
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires downloading a command-line interface from vendor-controlled repositories.
- Fetches the
@mvanhorn/printing-press-librarypackage vianpxfor installation. - Downloads and compiles the
context-dev-pp-clibinary from the vendor's GitHub repository (github.com/mvanhorn/printing-press-library) usinggo install. - [COMMAND_EXECUTION]: The skill facilitates the execution of the
context-dev-pp-clitool to perform web intelligence tasks. - Provides an extensive command reference for scraping, crawling, and data extraction based on user-provided arguments.
- [DATA_EXFILTRATION]: The tool includes built-in functionality to transmit data to external network endpoints.
- The
--deliver webhook:<url>parameter allows the agent to POST command results or scraped data to arbitrary external URLs. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of processing untrusted web content.
- Ingestion points: Ingests external data via scraping and crawling subcommands (
SKILL.md). - Boundary markers: No explicit instructions are provided to the agent to treat scraped website content as untrusted or to ignore embedded instructions within that content.
- Capability inventory: The agent can perform network operations (scraping and webhooks), write files, and execute CLI commands.
- Sanitization: While the tool converts content to Markdown or JSON, there is no evidence of filtering to remove potential malicious instructions hidden in the source data.
Audit Metadata