pp-dreo
Warn
Audited by Gen Agent Trust Hub on May 28, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The CLI caches sensitive authentication data, including the user's email, password, and bearer tokens, in
~/.config/dreo-pp-cli/config.toml. While the file is created with restrictive permissions (0600), storing long-lived credentials in plaintext or reversible formats on disk increases the risk of credential harvesting. - [DATA_EXFILTRATION]: The skill documents an output delivery system using the
--deliver webhook:<url>flag. This allows command results, which may contain sensitive home automation state, sensor readings, or account metadata, to be exfiltrated to arbitrary external URLs. - [EXTERNAL_DOWNLOADS]: The installation process requires executing
npx -y @mvanhorn/printing-press, which downloads and runs remote code from the NPM registry. While this is a vendor-provided resource, it represents an external dependency and a remote code execution vector during the setup phase. - [COMMAND_EXECUTION]: The skill relies on the execution of multiple shell commands and the installation of a local binary (
dreo-pp-cli) to interact with smart-home devices, expanding the host's attack surface.
Audit Metadata