pp-midjourney

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFEDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user or agent to install the midjourney-pp-cli and a corresponding MCP server using package managers. Specifically, it uses npx to fetch @mvanhorn/printing-press-library and go install to fetch the module from github.com/mvanhorn/printing-press-library. These resources are owned by the vendor.
  • [COMMAND_EXECUTION]: The skill facilitates the execution of the midjourney-pp-cli binary to perform various Midjourney-related tasks. It passes user-provided arguments and subcommands directly to the shell environment using the Read Bash tool.
  • [CREDENTIALS_UNSAFE]: To function, the skill requires the user to set the MIDJOURNEY_COOKIE_HEADER environment variable. This variable contains sensitive authentication data used to communicate with the Midjourney API. The skill also manages configuration profiles and feedback logs stored in the ~/.midjourney-pp-cli/ directory.
  • [DATA_EXFILTRATION]: The CLI tool contains built-in features for sending data to external endpoints. The --deliver webhook:<url> flag allows users to route the output of any command to a remote URL. Additionally, the feedback command can be configured to automatically transmit local logs to a remote server defined by MIDJOURNEY_FEEDBACK_ENDPOINT.
  • [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection by taking natural language input from the user and passing it to the midjourney-pp-cli which command to resolve functionality.
  • Ingestion points: User queries for capabilities in the Direct Use section.
  • Boundary markers: None present for the which command arguments.
  • Capability inventory: The skill can execute shell commands, perform network requests, and write to the local filesystem.
  • Sanitization: No explicit sanitization or validation of the natural language query is described.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 04:52 PM
Security Audit — agent-trust-hub — pp-midjourney