pp-intervals-icu

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the intervals-icu-pp-cli and intervals-icu-pp-mcp binaries via go install from the author's GitHub repository (github.com/mvanhorn/printing-press-library). It also supports installation via NPM using npx -y @mvanhorn/printing-press-library.
  • [COMMAND_EXECUTION]: The primary function of the skill is to execute the intervals-icu-pp-cli binary to perform data synchronization, SQL queries, and fitness trend analysis.
  • [DATA_EXFILTRATION]: The CLI provides a --deliver webhook:<url> feature. This allows the output of any command—which may include personal health, wellness, and activity data—to be POSTed to an external URL. This is a documented capability of the tool.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8) due to its data ingestion model.
  • Ingestion points: The skill synchronizes potentially untrusted athlete data (activities, wellness, notes) from the Intervals.icu REST API into a local SQLite database (SKILL.md).
  • Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from following instructions that might be embedded in the retrieved fitness data.
  • Capability inventory: The skill allows the agent to execute shell commands and route data to external files or webhooks via the intervals-icu-pp-cli tool.
  • Sanitization: The documentation does not specify any sanitization or filtering of the content retrieved from the external API before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 12:28 AM
Security Audit — agent-trust-hub — pp-intervals-icu