Skills
skills/mvanhorn/printing-press-library/pp-podscan/Gen Agent Trust Hub

pp-podscan

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the podscan-pp-cli binary using npx from the @mvanhorn/printing-press package or via go install from the author's GitHub repository.
  • [COMMAND_EXECUTION]: The skill executes the podscan-pp-cli tool to manage alerts, search episodes, and interact with the Podscan API.
  • [DATA_EXFILTRATION]: The tool includes an output delivery feature (--deliver webhook:<url>) that can transmit command results to external webhooks. This is a functional capability of the CLI that could be used to send data to remote servers.
  • [PROMPT_INJECTION]: The skill provides access to untrusted content from podcast transcripts, presenting an indirect prompt injection surface.
  • Ingestion points: Podcast transcripts and metadata are retrieved via podscan-pp-cli episodes search and podscan-pp-cli podcasts search commands.
  • Boundary markers: The skill does not define explicit delimiters or instructions to ignore embedded commands within the podcast data.
  • Capability inventory: The agent can write to local files and send data to webhooks using the CLI's --deliver flag, which are powerful capabilities if triggered by malicious transcript content.
  • Sanitization: There is no evidence of sanitization or filtering of external content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 05:08 PM