pp-facebook-marketplace

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the facebook-marketplace-pp-cli utility from the author's NPM repository (@mvanhorn/printing-press) and Go module (github.com/mvanhorn/printing-press-library).
  • [DATA_EXFILTRATION]: The CLI tool features a --deliver webhook:<url> flag that allows command results to be transmitted to arbitrary external endpoints. This could be leveraged to exfiltrate session data or marketplace content if the destination URL is attacker-controlled.
  • [COMMAND_EXECUTION]: The skill operates by executing shell commands via the Bash tool to interact with the installed CLI binary and its various subcommands.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection due to its handling of untrusted data from the Facebook Marketplace web surface.
      • Ingestion points: marketplace_search, inbox list, and listing detail payloads (SKILL.md).
      • Boundary markers: Absent.
      • Capability inventory: File system writes and network webhook delivery via the facebook-marketplace-pp-cli tool (SKILL.md).
      • Sanitization: No sanitization or validation of external content is documented before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 19, 2026, 06:51 AM