pp-greatclips

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the greatclips-pp-cli binary using npx from the @mvanhorn/printing-press NPM package and go install from the mvanhorn/printing-press-library GitHub repository.
  • [COMMAND_EXECUTION]: The skill relies on the execution of shell commands to install, verify, and run the Great Clips CLI binary (greatclips-pp-cli).
  • [DATA_EXFILTRATION]: The CLI includes a --deliver webhook:<url> flag that allows the agent to route the output of any command (such as customer profile data or status information) to an arbitrary external URL via a POST request.
  • [DATA_EXFILTRATION]: The feedback --send feature allows local data stored in ~/.greatclips-pp-cli/feedback.jsonl to be transmitted to a remote endpoint if specific environment variables are configured.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 11:27 PM
Security Audit — agent-trust-hub — pp-greatclips