pp-pokeapi
Warn
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [DATA_EXFILTRATION]: The skill implements a
--deliver webhook:<url>feature that allows the agent to POST command results to an arbitrary external URL. This provides a direct mechanism for data exfiltration if the agent is manipulated into processing sensitive information. - [DATA_EXFILTRATION]: The
feedbackcommand can be configured to automatically exfiltrate data to a remote server by setting thePOKEAPI_FEEDBACK_ENDPOINTenvironment variable and thePOKEAPI_FEEDBACK_AUTO_SENDflag. - [COMMAND_EXECUTION]: The
sqlsubcommand allows the agent to execute raw SQL queries against the local database. While described as read-only, this provides an interface for arbitrary query execution that could be abused to explore or potentially manipulate the local storage environment. - [EXTERNAL_DOWNLOADS]: The skill requires the installation of external binaries from GitHub (
github.com/mvanhorn/) and via NPM (@mvanhorn/printing-press). These are vendor-owned resources used for the core functionality of the skill. - [DATA_EXFILTRATION]: The skill allows writing command output directly to files using the
--deliver file:<path>flag, which can be used to overwrite or create files in the local file system.
Audit Metadata