pp-seats-aero

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads and installs the seats-aero-pp-cli and seats-aero-pp-mcp tools from the author's GitHub repository and NPM package.
  • [COMMAND_EXECUTION]: Executes shell commands using the Bash tool to interact with the installed CLI and perform travel-related queries.
  • [DATA_EXFILTRATION]: Features a --deliver webhook: option that allows sending command output to external endpoints, which is a functional feature of the tool.
  • [PROMPT_INJECTION]: The skill processes $ARGUMENTS to determine which CLI command to execute, creating a potential surface for indirect injection. 1. Ingestion points: $ARGUMENTS in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Bash tool, seats-aero-pp-cli execution. 4. Sanitization: Absent; the skill passes user-provided strings directly to the shell.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 05:29 PM
Security Audit — agent-trust-hub — pp-seats-aero