pp-hotel-tonight
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS COMMAND_EXECUTION DATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of binary tools from the vendor's GitHub repository and NPM registry using `go install` and `npx`. These are legitimate resources owned by the skill's author.
- [COMMAND_EXECUTION]: Instructs the agent to execute shell commands via the `hotel-tonight-pp-cli` binary. It passes user intent through `$ARGUMENTS` using the `--agent` flag for machine-readable output.
- [DATA_EXFILTRATION]: The tool provides a `--deliver webhook:<url>` option. This feature allows the agent to transmit command results to an arbitrary external URL, facilitating data export or integration with external services.
- [PROMPT_INJECTION]: The skill processes external data from the HotelTonight API, creating a surface for indirect prompt injection.
  - Ingestion points: Data is fetched from a live travel deal API and stored in a local SQLite database.
  - Boundary markers: No specific delimiters or instructions to ignore instructions embedded in the travel data were identified.
  - Capability inventory: The skill has the ability to execute shell commands, perform network requests, and route data to files or webhooks.
  - Sanitization: There is no mention of validation or sanitization of the external deal content before it is processed by the agent.
Audit Metadata