pp-marginalrevolution
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the
marginalrevolution-pp-clitool using the vendor's NPM package (@mvanhorn/printing-press) and Go repository (github.com/mvanhorn/printing-press-library). - [DATA_EXFILTRATION]: Documents a built-in CLI feature (
--deliver webhook:<url>) that enables the transfer of command output to specified external webhooks. - [COMMAND_EXECUTION]: Instructs the agent to execute the
marginalrevolution-pp-clibinary for tasks such as reading feeds, searching posts, and managing local profiles. - [PROMPT_INJECTION]: The skill ingests and processes content from the external Marginal Revolution RSS feed, creating an entry point for indirect prompt injection.
- Ingestion points: RSS feed data processed by
marginalrevolution-pp-cliin SKILL.md. - Boundary markers: None described in the skill instructions.
- Capability inventory: Shell execution (
marginalrevolution-pp-cli), file system writes (--deliver file:), and network requests (--deliver webhook:). - Sanitization: No explicit filtering or validation of the external RSS content is mentioned.
Audit Metadata