pp-here-now
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install its CLI tool via
npxfrom the NPM registry and viago installfrom a GitHub repository owned by the author (github.com/mvanhorn/*). These are standard installation methods for developer tools. - [COMMAND_EXECUTION]: The skill is designed to execute the
here-now-pp-clibinary to perform its primary functions. It includes a comprehensive command reference for managing domains, drives, authentication, and publishing workflows. - [DATA_EXFILTRATION]: While the CLI can send data to webhooks via the
--deliver webhook:<url>flag, this is a documented feature of the tool for routing output and is triggered by explicit user or agent arguments rather than hidden malicious behavior. - [CREDENTIALS_UNSAFE]: The skill documents how to set an API key (
HERENOW_API_KEY) for authentication but does not include any hardcoded secrets or unsafe credential handling practices.
Audit Metadata