pp-gisis

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the gisis-pp-cli tool and printing-press-library from the author's GitHub and NPM repositories using go install and npx.
  • [COMMAND_EXECUTION]: The skill requires the execution of shell commands to manage maritime registry lookups, session authentication via press-auth, and CLI configuration.
  • [DATA_EXFILTRATION]: The CLI tool provides a --deliver webhook:<url> feature that enables command outputs, such as vessel particulars and ownership data, to be transmitted to arbitrary external URLs.
  • [PROMPT_INJECTION]: The skill ingests untrusted maritime data from the external GISIS registry (through commands like ship get and ship list) without defining boundary markers or sanitization procedures. This creates a surface for indirect prompt injection where malicious registry metadata could influence the agent's behavior, especially given the agent's access to the Bash tool and network sinks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 02:02 PM
Security Audit — agent-trust-hub — pp-gisis