pp-plane

Fail

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The installation instructions include a command sequence that uses sudo mv to move a downloaded binary into /usr/local/bin/, which represents a privilege escalation attempt to gain administrative control over the filesystem.
  • [EXTERNAL_DOWNLOADS]: The skill explicitly directs the agent to download pre-built binaries from a GitHub releases page (github.com/mvanhorn/printing-press-library) using curl if the tool is missing.
  • [REMOTE_CODE_EXECUTION]: The skill utilizes several methods to fetch and execute remote code at runtime, including go install from a remote repository, npx execution of a remote package, and direct binary execution after downloading via curl and applying chmod +x.
  • [DATA_EXFILTRATION]: A significant exfiltration surface exists via the --deliver webhook:<url> flag supported by every command. This allows the agent to route command output—which may include sensitive project data, user information, or API responses—directly to an arbitrary external URL controlled by an attacker.
  • [DATA_EXFILTRATION]: The skill includes a feedback command that can be configured to automatically POST local data to a remote endpoint via the PLANE_FEEDBACK_ENDPOINT environment variable.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jun 29, 2026, 07:57 PM
Security Audit — agent-trust-hub — pp-plane