pp-google-ad-manager
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
google-ad-manager-pp-clibinary, providing instructions to fetch it from the author's GitHub repository (github.com/mvanhorn/printing-press-library) and a scoped NPM package (@mvanhorn/printing-press-library). - [DATA_EXFILTRATION]: The CLI tool includes a
--deliver webhook:<url>feature that allows command output (which may contain sensitive revenue or inventory data) to be POSTed to an arbitrary external URL. - [COMMAND_EXECUTION]: The skill uses the
Read Bashtool to execute thegoogle-ad-manager-pp-clibinary, passing user-supplied arguments directly to the shell environment. - [DATA_EXFILTRATION]: A feedback mechanism is implemented (
google-ad-manager-pp-cli feedback) which can be configured to transmit data to an external endpoint if theGOOGLE_AD_MANAGER_FEEDBACK_AUTO_SENDenvironment variable is enabled. - [PROMPT_INJECTION]: The skill processes external data from the Google Ad Manager API (such as reports and inventory lists). While this presents an indirect prompt injection surface, the risk is minimized by the use of structured output flags like
--jsonand--agentfor machine processing.
Audit Metadata