pp-google-ad-manager

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the google-ad-manager-pp-cli binary, providing instructions to fetch it from the author's GitHub repository (github.com/mvanhorn/printing-press-library) and a scoped NPM package (@mvanhorn/printing-press-library).
  • [DATA_EXFILTRATION]: The CLI tool includes a --deliver webhook:<url> feature that allows command output (which may contain sensitive revenue or inventory data) to be POSTed to an arbitrary external URL.
  • [COMMAND_EXECUTION]: The skill uses the Read Bash tool to execute the google-ad-manager-pp-cli binary, passing user-supplied arguments directly to the shell environment.
  • [DATA_EXFILTRATION]: A feedback mechanism is implemented (google-ad-manager-pp-cli feedback) which can be configured to transmit data to an external endpoint if the GOOGLE_AD_MANAGER_FEEDBACK_AUTO_SEND environment variable is enabled.
  • [PROMPT_INJECTION]: The skill processes external data from the Google Ad Manager API (such as reports and inventory lists). While this presents an indirect prompt injection surface, the risk is minimized by the use of structured output flags like --json and --agent for machine processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 02:11 PM
Security Audit — agent-trust-hub — pp-google-ad-manager