pp-nvd
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends installing command-line tools and MCP servers directly from the vendor's repositories on GitHub and NPM.
- Directs users to use
go installfor packages undergithub.com/mvanhorn/printing-press-library. - References the
@mvanhorn/printing-presspackage for installation vianpx. - [DATA_EXFILTRATION]: The CLI tool provides built-in capabilities to route its output to external network destinations.
- The
--deliverflag supports thewebhook:<url>scheme, enabling the POSTing of tool results to remote servers. - A feedback mechanism is documented which can be configured to transmit data to a remote endpoint via the
NVD_FEEDBACK_ENDPOINTenvironment variable.
Audit Metadata