pp-sentry

Warn

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's instruction logic directs the agent to execute shell commands using user-supplied input from $ARGUMENTS (e.g., sentry-pp-cli $ARGUMENTS --agent). This pattern is susceptible to command injection if the agent does not strictly validate or sanitize the input before execution.
  • [DATA_EXFILTRATION]: The documented sentry-pp-cli tool includes a --deliver webhook:<url> feature. This capability allows the output of any command—which may include sensitive Sentry organization, project, or event data—to be sent to an arbitrary external URL provided by the user or an attacker.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download and install executable binaries from external sources, including GitHub (github.com/mvanhorn/...) and the npm registry (@mvanhorn/printing-press). These resources are associated with the vendor 'mvanhorn'.
Audit Metadata
  Risk Level: MEDIUM
  Analyzed: May 12, 2026, 10:01 PM