pp-scrape-do

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the scrape-do-pp-cli binary using go install and npx from the developer's official GitHub organization (mvanhorn) and NPM scope. These are recognized vendor resources used for the skill's primary functionality.
  • [COMMAND_EXECUTION]: The skill is designed to execute the scrape-do-pp-cli tool via the bash environment. It includes a sql command that allows the agent to perform read-only queries against a local SQLite database containing historical search data.
  • [DATA_EXFILTRATION]: The CLI includes a --deliver webhook:<url> feature. This allows the agent to POST command output to an external URL. While this is a functional feature for data routing, it should be monitored to ensure data is not sent to unauthorized endpoints.
  • [INDIRECT_PROMPT_INJECTION]: As a web scraping tool, the skill ingests external content from Google SERPs and arbitrary URLs into the agent's context. This represents a standard attack surface where malicious instructions could be embedded in scraped data; however, no specific exploitable patterns were found in the skill's instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 25, 2026, 04:58 PM
Security Audit — agent-trust-hub — pp-scrape-do