pp-pokeapi

Warn

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: MEDIUM (DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [DATA_EXFILTRATION]: The skill implements a --deliver webhook:<url> feature that allows the agent to POST command results to an arbitrary external URL. This provides a direct mechanism for data exfiltration if the agent is manipulated into processing sensitive information.
  • [DATA_EXFILTRATION]: The feedback command can be configured to automatically exfiltrate data to a remote server by setting the POKEAPI_FEEDBACK_ENDPOINT environment variable and the POKEAPI_FEEDBACK_AUTO_SEND flag.
  • [COMMAND_EXECUTION]: The sql subcommand allows the agent to execute raw SQL queries against the local database. While described as read-only, this provides an interface for arbitrary query execution that could be abused to explore or potentially manipulate the local storage environment.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of external binaries from GitHub (github.com/mvanhorn/) and via NPM (@mvanhorn/printing-press). These are vendor-owned resources used for the core functionality of the skill.
  • [DATA_EXFILTRATION]: The skill allows writing command output directly to files using the --deliver file:<path> flag, which can be used to overwrite or create files in the local file system.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 15, 2026, 05:27 PM