pp-render

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install a CLI tool using npx -y @mvanhorn/printing-press and go install github.com/mvanhorn/printing-press-library/.... These sources are associated with the vendor context provided for this skill.
  • [COMMAND_EXECUTION]: The skill's primary operation involves executing the render-pp-cli binary through shell commands to perform analytics and management tasks on Render services.
  • [DATA_EXFILTRATION]: The skill documents a --deliver webhook:<url> feature that allows the output of any command to be POSTed to a remote URL. This capability can be used to send sensitive infrastructure metadata, audit logs, and service configurations to external endpoints. Additionally, the feedback command can transmit data to a configurable RENDER_FEEDBACK_ENDPOINT.
  • [INDIRECT_PROMPT_INJECTION]:
  • Ingestion points: The skill retrieves and processes external data from the Render API, including logs (render-pp-cli logs), audit entries (render-pp-cli audit search), and service events.
  • Boundary markers: The skill encourages the use of the --agent flag, which outputs data in structured JSON format, providing some structural separation between data and instructions.
  • Capability inventory: The skill has shell execution capabilities via the render-pp-cli and can perform network operations via the webhook delivery mechanism.
  • Sanitization: There is no explicit documentation of sanitization or filtering of the content retrieved from the Render API before it is presented to the agent's context.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 03:20 AM
Security Audit — agent-trust-hub — pp-render