pp-github-intel
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads and installs software components from the author's infrastructure, specifically using
go installfor GitHub repositories undergithub.com/mvanhorn/andnpxfor packages in the@mvanhornnpm scope. - [COMMAND_EXECUTION]: The skill instructions direct the agent to install and run the
github-intel-pp-cliandgithub-intel-pp-mcpbinaries to perform data retrieval and search operations. - [DATA_EXFILTRATION]: The CLI tool includes a
--deliver webhook:<url>feature that enables the agent to POST command results to arbitrary external HTTP endpoints, which could be used to transmit data outside the local environment. - [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it ingests untrusted data from public GitHub repositories and security advisories.
- Ingestion points: GitHub security advisories and repository metadata retrieved via the
advisoriesandreposcommands. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the processing logic.
- Capability inventory: The agent has the ability to write output to local files (
file:<path>) and send data to external URLs (webhook:<url>). - Sanitization: The skill does not define specific sanitization or validation steps for the retrieved GitHub content before it is processed by the agent.
Audit Metadata