pp-pointhound
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the
pointhound-pp-clifrom vendor-controlled sources. Evidence includes installation commands referencing the@mvanhornscope on npm and themvanhornrepository on GitHub. - [COMMAND_EXECUTION]: The skill's primary function is to wrap and execute the
pointhound-pp-clibinary to perform flight search and data analysis tasks. - [DATA_EXPOSURE_AND_EXFILTRATION]: The CLI tool includes functionality to deliver search results to external webhook URLs or local files via the
--deliverflag. This is documented as a feature for automation and data routing. - [CREDENTIALS_UNSAFE]: The tool implements an authentication mechanism that reads session cookies (cf_clearance and ph_session) directly from the user's browser profile to maintain session state with the Pointhound web service.
Audit Metadata