pp-flight-goat

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION

Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation provides instructions to download and install a command-line interface and an MCP server.
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the installation and execution of remote packages via npx and go install to provide its core functionality. Evidence: npx -y @mvanhorn/printing-press install flight-goat --cli-only and go install github.com/mvanhorn/printing-press-library/library/travel/flight-goat/cmd/flight-goat-pp-cli@latest in SKILL.md.
  • [DATA_EXFILTRATION]: The documented CLI tool includes a feature to deliver output to arbitrary webhooks, which could be used to transmit data to external servers. Evidence: The --deliver webhook: flag and the FLIGHT_GOAT_FEEDBACK_ENDPOINT configuration in SKILL.md.
  • [PROMPT_INJECTION]: The skill processes untrusted data from external flight and airport APIs, creating a surface for indirect prompt injection.
      • Ingestion points: External API responses from FlightAware and Google Flights processed by the flights, airports, and alerts commands in SKILL.md.
      • Boundary markers: A JSON response envelope is used to wrap results, though no specific instructions to ignore embedded commands are present in SKILL.md.
      • Capability inventory: The skill utilizes the Bash tool to execute commands and manage local files as seen in the Direct Use section of SKILL.md.
      • Sanitization: No explicit sanitization or filtering of the external API content is documented in SKILL.md.
  • [COMMAND_EXECUTION]: The skill relies on the execution of a binary (flight-goat-pp-cli) via the Bash tool to perform its primary functions. Evidence: Use of flight-goat-pp-cli [subcommand] [args] --agent in the Direct Use section of SKILL.md.

Audit Metadata
  Risk Level: SAFE
  Analyzed: May 15, 2026, 05:48 PM