pp-gumroad

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Installs the gumroad-pp-cli tool using npx from the @mvanhorn npm namespace. This is an expected installation step for this vendor-provided skill.
  • [COMMAND_EXECUTION]: Executes shell commands via the gumroad-pp-cli binary to interact with Gumroad services, manage local storage, and perform data analytics.
  • [DATA_EXFILTRATION]: The CLI includes a --deliver webhook:<url> feature that allows the agent or user to transmit account data (such as products, sales, and payouts) to a remote server. While a legitimate integration feature, it provides a direct vector for potential data exposure if directed to an untrusted endpoint.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing data from external API responses.
  • Ingestion points: Data retrieved from the Gumroad API via commands like products list, sales list, and subscribers is ingested into the local SQLite store and agent context.
  • Boundary markers: No specific delimiters or boundary markers are mentioned to isolate external data from instructions.
  • Capability inventory: The skill can execute subprocesses (gumroad-pp-cli), write files (--deliver file:), and perform network operations (--deliver webhook:).
  • Sanitization: There is no documented sanitization or filtering of the content received from the Gumroad API before it is processed by the search or analytics tools.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 11:27 PM
Security Audit — agent-trust-hub — pp-gumroad