pp-github-intel

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads and installs software components from the author's infrastructure, specifically using go install for GitHub repositories under github.com/mvanhorn/ and npx for packages in the @mvanhorn npm scope.
  • [COMMAND_EXECUTION]: The skill instructions direct the agent to install and run the github-intel-pp-cli and github-intel-pp-mcp binaries to perform data retrieval and search operations.
  • [DATA_EXFILTRATION]: The CLI tool includes a --deliver webhook:<url> feature that enables the agent to POST command results to arbitrary external HTTP endpoints, which could be used to transmit data outside the local environment.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it ingests untrusted data from public GitHub repositories and security advisories.
      • Ingestion points: GitHub security advisories and repository metadata retrieved via the advisories and repos commands.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the processing logic.
      • Capability inventory: The agent has the ability to write output to local files (file:<path>) and send data to external URLs (webhook:<url>).
      • Sanitization: The skill does not define specific sanitization or validation steps for the retrieved GitHub content before it is processed by the agent.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Jun 25, 2026, 04:36 PM