pp-emailoctopus

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the emailoctopus-pp-cli via the @mvanhorn/printing-press package from the NPM registry. This is a standard installation procedure for Node.js-based tooling from an established package manager.
  • [DATA_EXFILTRATION]: The CLI tool includes a --deliver webhook:<url> capability, which allows command output (such as campaign reports or contact lists) to be POSTed to an arbitrary URL. This is a documented feature for workflow automation but acts as a potential surface for data transfer to external endpoints.
  • [COMMAND_EXECUTION]: The skill executes the emailoctopus-pp-cli binary with various arguments and subcommands. This includes a which command that takes natural language input to find appropriate subcommands, passing user-supplied strings into the CLI environment.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 11:27 PM
Security Audit — agent-trust-hub — pp-emailoctopus