pp-facebook-marketplace
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
facebook-marketplace-pp-cliutility from the author's NPM repository (@mvanhorn/printing-press) and Go module (github.com/mvanhorn/printing-press-library).- [DATA_EXFILTRATION]: The CLI tool features a--deliver webhook:<url>flag that allows command results to be transmitted to arbitrary external endpoints. This could be leveraged to exfiltrate session data or marketplace content if the destination URL is attacker-controlled.- [COMMAND_EXECUTION]: The skill operates by executing shell commands via theBashtool to interact with the installed CLI binary and its various subcommands.- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection due to its handling of untrusted data from the Facebook Marketplace web surface. - Ingestion points:
marketplace_search,inbox list, and listing detail payloads (SKILL.md). - Boundary markers: Absent.
- Capability inventory: File system writes and network webhook delivery via the
facebook-marketplace-pp-clitool (SKILL.md). - Sanitization: No sanitization or validation of external content is documented before processing.
Audit Metadata