pp-ebay

Warn

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: MEDIUM
DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The ebay-pp-cli utility includes a --deliver webhook:<url> argument that enables the automatic transmission of command results to an arbitrary external URL via HTTP POST. This allows for the direct exfiltration of sensitive eBay data (e.g., purchase history, watchlists) to an attacker-controlled endpoint.
  • [DATA_EXFILTRATION]: The feedback command can be configured via the EBAY_FEEDBACK_ENDPOINT environment variable to send local notes and diagnostic data to a remote server.
  • [EXTERNAL_DOWNLOADS]: The skill requires downloading and installing external binaries and packages from github.com/mvanhorn and the npm registry via npx during the setup phase.
  • [CREDENTIALS_UNSAFE]: The authentication flow involves reading sensitive browser session cookies from the local machine using utilities like pycookiecheat to obtain access to the user's active eBay session.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from eBay listings (titles, descriptions) and processes it without specified boundary markers or sanitization logic.
  • [COMMAND_EXECUTION]: The skill functions by executing a locally installed binary (ebay-pp-cli) with arguments derived from user prompts.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 15, 2026, 11:54 PM