pp-masterpark
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the masterpark-pp-cli tool using npx from the @mvanhorn/printing-press-library and go install from the mvanhorn/printing-press-library GitHub repository. These are vendor-controlled resources.
- [COMMAND_EXECUTION]: The skill executes the masterpark-pp-cli binary to interact with the netParkV2 API. It also supports secure credential retrieval by executing shell commands (e.g., using the 1Password op CLI) rather than hardcoding secrets.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface because it processes untrusted data from the MasterPark API endpoints (locations and reservations).
- Ingestion points: Data returned by the
masterpark-pp-cli reservations listandmasterpark-pp-cli locationscommands. - Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the API output as untrusted or to ignore instructions embedded within the data.
- Capability inventory: The agent has access to the
BashandReadtools, which could be exploited if malicious content in a reservation name or location description triggers unintended command execution. - Sanitization: No evidence of data sanitization, schema validation, or escaping of the API response content is mentioned in the instructions.
Audit Metadata