pp-namecheap
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install the
namecheap-pp-clibinary usingnpxfrom the@mvanhornNPM scope or viago installfrom thegithub.com/mvanhornGitHub repository. These sources are associated with the skill's author context. - [COMMAND_EXECUTION]: The skill facilitates the execution of various Namecheap management commands through the
namecheap-pp-clibinary using theBashtool. These commands interact with Namecheap's XML API to retrieve or modify account and domain data. - [DATA_EXFILTRATION]: The CLI tool includes a
--deliver webhook:<url>feature that allows output, which may contain sensitive API data, to be POSTed to an external URL. Additionally, thefeedbackcommand can be configured to automatically send local feedback entries to a remote endpoint if theNAMECHEAP_FEEDBACK_ENDPOINTenvironment variable is set. These are documented capabilities of the managed tool rather than hidden malicious behaviors.
Audit Metadata