pp-servicetitan-pricebook

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill includes instructions to install the servicetitan-pricebook-pp-cli tool using npx from the @mvanhorn/printing-press-library NPM package or go install from github.com/mvanhorn/printing-press-library. These sources are owned by the skill's author.
  • [COMMAND_EXECUTION]: The skill relies on executing the local servicetitan-pricebook-pp-cli binary to perform pricebook audits, search for parts, and manage categories.
  • [DATA_EXFILTRATION]: The CLI tool supports a --deliver webhook:<url> flag, which allows the agent to send command outputs to an arbitrary external URL. While an integration feature, it provides a mechanism for data transfer out of the environment.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface.
  • Ingestion points: The quote-reconcile and bulk-plan commands process external data from CSV and JSON files derived from vendor quotes and invoices (SKILL.md).
  • Boundary markers: The instructions do not define delimiters or provide warnings to the agent to ignore instructions embedded in the external data.
  • Capability inventory: The skill can execute local commands and send data to webhooks (SKILL.md).
  • Sanitization: There is no evidence of data validation or sanitization for external content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:25 PM
Security Audit — agent-trust-hub — pp-servicetitan-pricebook