pp-pvgis

Warn

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the pvgis-pp-cli binary using npx from the @mvanhorn/printing-press-library package or via go install from the vendor's repository (github.com/mvanhorn/printing-press-library). These are vendor-owned resources.
  • [DATA_EXFILTRATION]: The CLI includes a --deliver webhook:<url> flag that enables the agent to POST command results to an arbitrary external URL. This capability represents a significant data exfiltration surface if the agent processes sensitive location or site data.
  • [DATA_EXFILTRATION]: The feedback command is capable of sending local data to a remote endpoint if the PVGIS_FEEDBACK_ENDPOINT environment variable is configured, which could be abused to exfiltrate logs or configuration.
  • [COMMAND_EXECUTION]: The skill operates by executing the pvgis-pp-cli binary with various arguments and flags. It specifically utilizes an --agent mode to facilitate non-interactive execution by the AI.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its processing of untrusted external data.
      • Ingestion points: External CSV files are ingested via the --input flag in the sites rank and weather similar commands, and natural language strings are passed to the which command for capability discovery.
      • Boundary markers: There are no identified markers or instructions to the agent to ignore potentially malicious content embedded within the CSV data.
      • Capability inventory: The skill has access to network operations (via the PVGIS API and the webhook delivery feature) and file system writes (via the file:<path> delivery sink).
      • Sanitization: No evidence of sanitization or strict schema validation for the input CSV data was found in the skill instructions.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Jun 16, 2026, 12:56 AM