pp-google-play

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the google-play-pp-cli tool using npx from the @mvanhorn NPM scope or via go install from the github.com/mvanhorn/printing-press-library repository. These sources are identified as belonging to the skill's vendor infrastructure.
  • [COMMAND_EXECUTION]: The skill's core functionality relies on executing the google-play-pp-cli binary. It provides various command templates for scraping app details, reviews, and chart rankings.
  • [DATA_EXFILTRATION]: The tool includes a --deliver webhook:<url> feature that allows the output of commands to be POSTed to an external HTTP endpoint. This is a documented capability for routing scraped data to other services.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 04:57 AM
Security Audit — agent-trust-hub — pp-google-play