pp-nynj-world-cup-concierge

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads the required CLI tool from the vendor's infrastructure using NPM and Go.
  • Evidence: npx -y @mvanhorn/printing-press-library install nynj-world-cup-concierge and go install github.com/mvanhorn/printing-press-library/....
  • [COMMAND_EXECUTION]: The skill relies on executing the nynj-world-cup-concierge-pp-cli binary locally to process information.
  • Evidence: Commands such as nynj-world-cup-concierge-pp-cli extract --agent are executed via the Bash tool.
  • [REMOTE_CODE_EXECUTION]: Installation instructions fetch and execute code from remote repositories at runtime.
  • Evidence: Use of npx -y and go install targets external packages from GitHub and the NPM registry.
  • [PROMPT_INJECTION]: Potential for indirect prompt injection as the skill processes unverified data from external public sources.
  • Ingestion points: External data is ingested via the extract command which fetches from 'public NYNJ World Cup Concierge sources' (SKILL.md).
  • Boundary markers: None identified in the prompt instructions to delimit untrusted data.
  • Capability inventory: The skill has access to the Bash tool, allowing command execution (SKILL.md).
  • Sanitization: No specific sanitization or filtering of the external source data is described.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 08:08 AM
Security Audit — agent-trust-hub — pp-nynj-world-cup-concierge