pp-masterpark

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the masterpark-pp-cli tool using npx from the @mvanhorn/printing-press-library and go install from the mvanhorn/printing-press-library GitHub repository. These are vendor-controlled resources.
  • [COMMAND_EXECUTION]: The skill executes the masterpark-pp-cli binary to interact with the netParkV2 API. It also supports secure credential retrieval by executing shell commands (e.g., using the 1Password op CLI) rather than hardcoding secrets.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface because it processes untrusted data from the MasterPark API endpoints (locations and reservations).
  • Ingestion points: Data returned by the masterpark-pp-cli reservations list and masterpark-pp-cli locations commands.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the API output as untrusted or to ignore instructions embedded within the data.
  • Capability inventory: The agent has access to the Bash and Read tools, which could be exploited if malicious content in a reservation name or location description triggers unintended command execution.
  • Sanitization: No evidence of data sanitization, schema validation, or escaping of the API response content is mentioned in the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 11:26 AM
Security Audit — agent-trust-hub — pp-masterpark