pp-intervals-icu
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the
intervals-icu-pp-cliandintervals-icu-pp-mcpbinaries viago installfrom the author's GitHub repository (github.com/mvanhorn/printing-press-library). It also supports installation via NPM usingnpx -y @mvanhorn/printing-press-library. - [COMMAND_EXECUTION]: The primary function of the skill is to execute the
intervals-icu-pp-clibinary to perform data synchronization, SQL queries, and fitness trend analysis. - [DATA_EXFILTRATION]: The CLI provides a
--deliver webhook:<url>feature. This allows the output of any command—which may include personal health, wellness, and activity data—to be POSTed to an external URL. This is a documented capability of the tool. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8) due to its data ingestion model.
- Ingestion points: The skill synchronizes potentially untrusted athlete data (activities, wellness, notes) from the Intervals.icu REST API into a local SQLite database (SKILL.md).
- Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from following instructions that might be embedded in the retrieved fitness data.
- Capability inventory: The skill allows the agent to execute shell commands and route data to external files or webhooks via the
intervals-icu-pp-clitool. - Sanitization: The documentation does not specify any sanitization or filtering of the content retrieved from the external API before processing.
Audit Metadata