pp-dub

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the dub-pp-cli and dub-pp-mcp binaries via npx and go install. These resources are hosted on the author's official NPM organization and GitHub repositories. While these operations involve downloading and executing code, they are legitimate steps for setting up the required tooling from the vendor infrastructure.
  • [COMMAND_EXECUTION]: The skill's primary function is to execute shell commands using the dub-pp-cli tool. This includes performing link audits, managing partner leaderboards, and reconciling commissions. The skill also includes a "which" command that resolves natural-language user queries into specific CLI commands.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes data from external sources, such as link metadata and partner-submitted bounty evidence. This data enters the agent's context and could contain malicious instructions.
      • Ingestion points: Workspace data is ingested through commands like links get, bounties triage, and customers journey (SKILL.md).
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the provided instructions.
      • Capability inventory: The agent can perform sensitive actions such as partners ban, links delete, and routing data to external URLs via the --deliver webhook:<url> functionality.
      • Sanitization: No explicit sanitization or validation of the processed data is described in the skill metadata or instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 16, 2026, 03:18 AM