pp-hotel-tonight

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of binary tools from the vendor's GitHub repository and NPM registry using go install and npx. These are legitimate resources owned by the skill's author.
  • [COMMAND_EXECUTION]: Instructs the agent to execute shell commands via the hotel-tonight-pp-cli binary. It passes user intent through $ARGUMENTS using the --agent flag for machine-readable output.
  • [DATA_EXFILTRATION]: The tool provides a --deliver webhook:<url> option. This feature allows the agent to transmit command results to an arbitrary external URL, facilitating data export or integration with external services.
  • [PROMPT_INJECTION]: The skill processes external data from the HotelTonight API, creating a surface for indirect prompt injection.
  • Ingestion points: Data is fetched from a live travel deal API and stored in a local SQLite database.
  • Boundary markers: No specific delimiters or instructions to ignore instructions embedded in the travel data were identified.
  • Capability inventory: The skill has the ability to execute shell commands, perform network requests, and route data to files or webhooks.
  • Sanitization: There is no mention of validation or sanitization of the external deal content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 03:15 PM
Security Audit — agent-trust-hub — pp-hotel-tonight