pp-techmeme
Warn
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install external software using `npx -y @mvanhorn/printing-press` and `go install github.com/mvanhorn/printing-press-library/library/productivity/techmeme/cmd/techmeme-pp-cli@latest`. These sources are controlled by the skill author but are not from established trusted organizations or well-known services.
- [COMMAND_EXECUTION]: The skill uses the `Read Bash` tool to execute the `techmeme-pp-cli` binary. It instructs the agent to interpolate user-provided arguments directly into shell commands (e.g., `techmeme-pp-cli <command> [subcommand] [args] --agent`). This pattern is vulnerable to command injection if the agent does not strictly sanitize the input before execution.
- [DATA_EXFILTRATION]: The CLI supports an output delivery mechanism (`--deliver webhook:<url>`) that can POST the results of any command to an arbitrary remote URL. This capability can be abused to exfiltrate data (such as processed headlines or local search results) to an attacker-controlled endpoint.
- [DATA_EXFILTRATION]: The `feedback` command can be configured to automatically send data to a remote server via the `TECHMEME_FEEDBACK_ENDPOINT` environment variable and the `--send` flag.
Audit Metadata