pp-dreo

Warn

Audited by Gen Agent Trust Hub on May 28, 2026

Risk Level: MEDIUMCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The CLI caches sensitive authentication data, including the user's email, password, and bearer tokens, in ~/.config/dreo-pp-cli/config.toml. While the file is created with restrictive permissions (0600), storing long-lived credentials in plaintext or reversible formats on disk increases the risk of credential harvesting.
  • [DATA_EXFILTRATION]: The skill documents an output delivery system using the --deliver webhook:<url> flag. This allows command results, which may contain sensitive home automation state, sensor readings, or account metadata, to be exfiltrated to arbitrary external URLs.
  • [EXTERNAL_DOWNLOADS]: The installation process requires executing npx -y @mvanhorn/printing-press, which downloads and runs remote code from the NPM registry. While this is a vendor-provided resource, it represents an external dependency and a remote code execution vector during the setup phase.
  • [COMMAND_EXECUTION]: The skill relies on the execution of multiple shell commands and the installation of a local binary (dreo-pp-cli) to interact with smart-home devices, expanding the host's attack surface.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 28, 2026, 01:53 AM
Security Audit — agent-trust-hub — pp-dreo