pp-here-now

Pass

Audited by Gen Agent Trust Hub on Jun 28, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install its CLI tool via npx from the NPM registry and via go install from a GitHub repository owned by the author (github.com/mvanhorn/*). These are standard installation methods for developer tools.
  • [COMMAND_EXECUTION]: The skill is designed to execute the here-now-pp-cli binary to perform its primary functions. It includes a comprehensive command reference for managing domains, drives, authentication, and publishing workflows.
  • [DATA_EXFILTRATION]: While the CLI can send data to webhooks via the --deliver webhook:<url> flag, this is a documented feature of the tool for routing output and is triggered by explicit user or agent arguments rather than hidden malicious behavior.
  • [CREDENTIALS_UNSAFE]: The skill documents how to set an API key (HERENOW_API_KEY) for authentication but does not include any hardcoded secrets or unsafe credential handling practices.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 28, 2026, 03:02 AM
Security Audit — agent-trust-hub — pp-here-now