pp-steam-web

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data retrieved from Steam, such as news post content and user reviews, using commands like news search and review-velocity. This presents an indirect prompt injection surface where malicious instructions hidden in the external data could attempt to manipulate the agent's logic.
  • Ingestion points: The news search and review-velocity commands ingest external content from Steam into the processing pipeline within SKILL.md.
  • Boundary markers: No explicit delimiters or boundary markers are defined to separate untrusted data from the agent's instructions.
  • Capability inventory: The skill has access to the Bash tool and features built-in file writing and network transmission capabilities.
  • Sanitization: No sanitization or validation of the external content is specified before it is processed by the agent.
  • [DATA_EXFILTRATION]: The CLI utility includes a --deliver webhook:<url> feature that enables the agent to POST command results directly to an arbitrary external URL. While intended for automation, this provides a mechanism for sending sensitive information (such as API keys or user data) to an external endpoint if misused.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user or agent to install binary dependencies using npx from the @mvanhorn npm scope and go install from the github.com/mvanhorn/ GitHub repository. These downloads are associated with the official distribution channels of the skill's author.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 05:27 PM
Security Audit — agent-trust-hub — pp-steam-web