pp-scrape-creators

Warn

Audited by Gen Agent Trust Hub on May 30, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install executable code from external sources via npx and go install.
  • Evidence: npx -y @mvanhorn/printing-press install scrape-creators --cli-only (SKILL.md)
  • Evidence: go install github.com/mvanhorn/printing-press-library/library/developer-tools/scrape-creators/cmd/scrape-creators-pp-cli@latest (SKILL.md)
  • [REMOTE_CODE_EXECUTION]: The installation process involves executing scripts and compiling binaries from remote repositories, which run with the user's local privileges.
  • [DATA_EXFILTRATION]: The CLI tool contains a --deliver webhook:<url> feature that allows the agent to POST scraped data to an arbitrary external URL. This capability can be misused to exfiltrate sensitive data or scraped content to attacker-controlled infrastructure.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted content from external social media platforms.
  • Ingestion points: The tool fetches video transcripts, creator biographies, post content, and advertisement metadata from TikTok, Instagram, Facebook, and YouTube (SKILL.md).
  • Boundary markers: Absent. There are no instructions or delimiters defined to prevent the agent from following instructions embedded in the scraped content.
  • Capability inventory: The skill can execute shell commands through the scrape-creators-pp-cli binary, write to the file system, and perform network operations via the webhook sink.
  • Sanitization: Absent. There is no evidence of filtering or validation for instructions hidden within the scraped data strings.
  • [COMMAND_EXECUTION]: The skill operates by executing shell commands with user-provided arguments, increasing the risk of command injection if arguments are not properly handled by the agent.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 30, 2026, 03:06 AM
Security Audit — agent-trust-hub — pp-scrape-creators