pp-eu-tenders
Warn
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of external binaries from non-trusted sources using
npx -y @mvanhorn/printing-pressandgo install github.com/mvanhorn/printing-press-library/.... These repositories are maintained by the skill author and are not part of the recognized trusted vendor list. - [DATA_EXFILTRATION]: The CLI tool implements a
--deliver webhook:<url>flag, which enables the redirection of command output to any user-specified URL via HTTP POST. This capability can be exploited to exfiltrate processed data to external servers. - [COMMAND_EXECUTION]: The skill invokes a local binary
eu-tenders-pp-cliand includes asqlsubcommand capable of executing arbitrary SQL queries provided as strings, such aseu-tenders-pp-cli sql "SELECT...". - [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) due to its processing of external tender data.
- Ingestion points: The skill ingests and processes EU public procurement notices from the TED database (SKILL.md).
- Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious content within the processed notices.
- Capability inventory: The skill possesses network capabilities (sync, webhooks), file system access (SQLite DB, feedback logs, profiles), and arbitrary command/SQL execution.
- Sanitization: The instructions do not define sanitization or validation logic for data passed into the
whichnatural language command or thesqlexecution command.
Audit Metadata