pp-dub
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the
dub-pp-clianddub-pp-mcpbinaries vianpxandgo install. These resources are hosted on the author's official NPM organization and GitHub repositories. While these operations involve downloading and executing code, they are legitimate steps for setting up the required tooling from the vendor infrastructure. - [COMMAND_EXECUTION]: The skill's primary function is to execute shell commands using the
dub-pp-clitool. This includes performing link audits, managing partner leaderboards, and reconciling commissions. The skill also includes awhichcommand that uses natural language to resolve user queries into specific CLI commands. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes data from external sources, such as link metadata and partner-submitted bounty evidence. This data enters the agent's context and could contain malicious instructions.
- Ingestion points: Workspace data is ingested through commands like
links get,bounties triage, andcustomers journey(SKILL.md). - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the provided instructions.
- Capability inventory: The agent can perform sensitive actions such as
partners ban,links delete, and routing data to external URLs via the--deliver webhook:<url>functionality. - Sanitization: No explicit sanitization or validation of the processed data is described in the skill metadata or instructions.
Audit Metadata