pp-linq
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install the 'linq-pp-cli' and 'linq-pp-mcp' binaries. These are fetched from the vendor's official GitHub repository (github.com/mvanhorn/printing-press-library) using 'go install' and from the vendor's NPM package (@mvanhorn/printing-press-library) using 'npx'. These sources are associated with the skill's author context.
- [COMMAND_EXECUTION]: The skill facilitates the execution of the 'linq-pp-cli' tool to perform messaging operations, manage attachments, and configure webhooks. It includes a natural-language command discovery feature ('linq-pp-cli which') and supports executing commands with an '--agent' flag for machine-readable output.
- [DATA_EXFILTRATION]: The CLI tool documents a '--deliver webhook:' feature that allows command output to be POSTed to a user-specified URL. This is a documented capability of the underlying tool's output delivery system used for automation and integration.
- [CREDENTIALS_UNSAFE]: The skill provides safe instructions for setting an API token using the CLI's internal auth mechanism or an environment variable ('LINQ_API_V3_API_KEY'), utilizing placeholders like 'YOUR_TOKEN_HERE' for the user to complete.
Audit Metadata