pp-ebay
Warn
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: MEDIUM
DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The `ebay-pp-cli` utility includes a `--deliver webhook:<url>` argument that enables the automatic transmission of command results to an arbitrary external URL via HTTP POST. This allows for the direct exfiltration of sensitive eBay data (e.g., purchase history, watchlists) to an attacker-controlled endpoint.
- [DATA_EXFILTRATION]: The `feedback` command can be configured via the `EBAY_FEEDBACK_ENDPOINT` environment variable to send local notes and diagnostic data to a remote server.
- [EXTERNAL_DOWNLOADS]: The skill requires downloading and installing external binaries and packages from `github.com/mvanhorn` and the npm registry via `npx` during the setup phase.
- [CREDENTIALS_UNSAFE]: The authentication flow involves reading sensitive browser session cookies from the local machine using utilities like `pycookiecheat` to obtain access to the user's active eBay session.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from eBay listings (titles, descriptions) and processes it without specified boundary markers or sanitization logic.
- [COMMAND_EXECUTION]: The skill functions by executing a locally installed binary (`ebay-pp-cli`) with arguments derived from user prompts.
Audit Metadata