pp-reno-goat
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install a CLI tool from the author's verified NPM registry (@mvanhorn/printing-press-library) and GitHub repository (github.com/mvanhorn/printing-press-library).
- [COMMAND_EXECUTION]: The skill facilitates the execution of the 'reno-goat-pp-cli' binary to perform product lookups, price comparisons, and store location searches.
- [DATA_EXFILTRATION]: The CLI tool includes an output delivery feature that supports a 'webhook:' sink, which allows command results to be transmitted to arbitrary external endpoints. It also supports writing results to local files using the 'file:' sink.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it fetches and processes product specifications and reviews from 33 external retail websites. Evidence Chain: 1. Ingestion points: External product details and reviews (SKILL.md). 2. Boundary markers: Absent in skill instructions. 3. Capability inventory: Local file writes and network webhook operations via CLI arguments. 4. Sanitization: Not explicitly defined within the skill instructions.
Audit Metadata