pp-ebay

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS  COMMAND_EXECUTION  DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install a binary tool using npx -y @mvanhorn/printing-press and go install github.com/mvanhorn/printing-press-library. These resources are hosted on NPM and GitHub under the author's namespace.
  • [COMMAND_EXECUTION]: The skill relies on the execution of the ebay-pp-cli binary to perform searches, price comparisons, and authentication checks. It uses the Read Bash tool to invoke these commands.
  • [DATA_EXFILTRATION]: The CLI tool includes a --deliver webhook:<url> argument that enables the agent to POST command output (such as eBay search results or item details) to an arbitrary external URL. Furthermore, the auth login process involves extracting sensitive authentication cookies from the user's local Chrome browser.
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process untrusted data from the web by scraping active and completed eBay listings.
      • Ingestion points: Data enters the agent's context through the listings, sold, and item commands defined in SKILL.md.
      • Boundary markers: There are no instructions for the agent to use delimiters or ignore embedded instructions when processing scraped content.
      • Capability inventory: The skill can perform shell commands, write to the local filesystem via the --deliver file: flag, and send data to the network via the webhook: sink.
      • Sanitization: The instructions do not specify any sanitization, filtering, or validation of the content retrieved from eBay.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 05:55 PM