pp-sncf-connect
Pass
Audited by Gen Agent Trust Hub on May 28, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the `sncf-connect-pp-cli` tool using `npx -y @mvanhorn/printing-press`. This package belongs to the vendor's namespace and is used for setup.
- [COMMAND_EXECUTION]: The skill relies on executing shell commands, including `npx` for installation and the `sncf-connect-pp-cli` binary for data retrieval and management tasks.
- [DATA_EXFILTRATION]: The CLI tool includes a `--deliver webhook:<url>` feature that allows routing command output to an external HTTP endpoint. While this is a documented feature of the tool, it represents a capability for data transfer to remote systems.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes data from the Navitia API (`navitia.io`).
  - Ingestion points: Data is ingested through API responses when calling `sncf-connect-pp-cli` commands (e.g., `coverage get`, `places get`).
  - Boundary markers: The skill uses the `--agent` flag which enforces JSON output (`--json`), providing structured data boundaries.
  - Capability inventory: Uses the `Bash` tool to execute the CLI and the `Read` tool to access local configuration files.
  - Sanitization: No explicit sanitization of the API response content is mentioned in the skill instructions.