pp-slickdeals

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches and installs the slickdeals-pp-cli tool using npx from the @mvanhorn/printing-press-library npm package and the vendor's GitHub repository via go install.
  • [COMMAND_EXECUTION]: Relies on the execution of the slickdeals-pp-cli binary through shell commands to interact with Slickdeals data and maintain a local SQLite database.
  • [DATA_EXFILTRATION]: Features a --deliver webhook:<url> capability that allows the agent to POST command results to external URLs, creating a surface for potential data exfiltration if the agent is directed to transmit sensitive information.
  • [PROMPT_INJECTION]: Ingests and processes content from external Slickdeals RSS feeds, presenting an indirect prompt injection risk surface.
  • Ingestion points: RSS content retrieved through commands like hot, frontpage-fresh, search, and category (documented in SKILL.md).
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are defined in the skill documentation.
  • Capability inventory: Shell command execution and network delivery via webhooks (documented in SKILL.md).
  • Sanitization: The skill does not specify any sanitization or validation protocols for the incoming RSS data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 09:20 AM
Security Audit — agent-trust-hub — pp-slickdeals