pp-dominos

Fail

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download and install the dominos-pp-cli tool using npx -y @mvanhorn/printing-press install dominos --cli-only and go install github.com/mvanhorn/printing-press-library/library/food-and-dining/dominos/cmd/dominos-pp-cli@latest. These sources are outside of the trusted vendor scope.
  • [REMOTE_CODE_EXECUTION]: The installation methods involve executing code from remote registries. npx -y automatically downloads and runs packages from the NPM registry, while go install fetches, compiles, and runs code directly from a GitHub repository.
  • [DATA_EXFILTRATION]: Every command in the CLI supports a --deliver webhook:<url> flag, which allows the output (including customer addresses, order history, and loyalty tokens) to be POSTed to an arbitrary attacker-controlled URL.
  • [COMMAND_EXECUTION]: The skill relies on shell command execution to interact with the local Domino's CLI and manages a local SQLite database, providing the binary with access to the local file system.
  • [CREDENTIALS_UNSAFE]: Authentication tokens are stored in plain text in the user's home directory at ~/.config/dominos-pp-cli/config.toml following a successful login.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: May 9, 2026, 06:23 PM