pp-plane
Fail
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The installation instructions include a command sequence that uses
sudo mvto move a downloaded binary into/usr/local/bin/, which represents a privilege escalation attempt to gain administrative control over the filesystem. - [EXTERNAL_DOWNLOADS]: The skill explicitly directs the agent to download pre-built binaries from a GitHub releases page (
github.com/mvanhorn/printing-press-library) usingcurlif the tool is missing. - [REMOTE_CODE_EXECUTION]: The skill utilizes several methods to fetch and execute remote code at runtime, including
go installfrom a remote repository,npxexecution of a remote package, and direct binary execution after downloading viacurland applyingchmod +x. - [DATA_EXFILTRATION]: A significant exfiltration surface exists via the
--deliver webhook:<url>flag supported by every command. This allows the agent to route command output—which may include sensitive project data, user information, or API responses—directly to an arbitrary external URL controlled by an attacker. - [DATA_EXFILTRATION]: The skill includes a
feedbackcommand that can be configured to automatically POST local data to a remote endpoint via thePLANE_FEEDBACK_ENDPOINTenvironment variable.
Recommendations
- AI detected serious security threats
Audit Metadata