pp-wikipedia
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the `wikipedia-pp-cli` tool using `npx` (from the `@mvanhorn/printing-press` package) and `go install` (from `github.com/mvanhorn/printing-press-library`). These are vendor-owned resources used for the skill's primary function.
- [COMMAND_EXECUTION]: The skill executes the `wikipedia-pp-cli` binary to fetch Wikipedia data. It includes a documented `--deliver` flag that allows the agent to route output to the terminal, local files, or external webhooks.
- [DATA_EXFILTRATION]: The `--deliver webhook:<url>` flag enables sending tool output to external URLs. While this involves network operations to non-whitelisted domains, it is a transparent, functional feature of the CLI used for data export and integration.
- [PROMPT_INJECTION]: The skill ingests article content from Wikipedia, which is an external user-editable source. This constitutes an indirect prompt injection surface.
  - Ingestion points: Article summaries and HTML content are retrieved from Wikipedia via the `page get-summary` and `page get-html` commands.
  - Boundary markers: No specific delimiters or boundary markers are instructed for use when the agent processes the retrieved Wikipedia content.
  - Capability inventory: The skill has the capability to write to the filesystem and perform network POST requests through the CLI's delivery parameters.
  - Sanitization: The instructions do not specify any sanitization or filtering of the Wikipedia content before it is processed by the agent.