pp-hackernews
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of the hackernews-pp-cli and hackernews-pp-mcp binaries via the shell to interact with Hacker News data.
- [EXTERNAL_DOWNLOADS]: Installs the required binaries from the author's public repositories using npx (@mvanhorn/printing-press) and go install (github.com/mvanhorn/printing-press-library).
- [DATA_EXFILTRATION]: The CLI tool supports a --deliver webhook:<url> flag and a feedback command that can transmit command results or feedback to external endpoints. While designed for data routing, this capability could be used to send information to unauthorized third-party servers.
- [PROMPT_INJECTION]: The skill ingests untrusted content from the Hacker News API (stories and comments), which introduces a surface for indirect prompt injection. A malicious post on Hacker News could contain instructions meant to influence the agent's behavior.
  - Ingestion points: Commands such as stories, items, and search (in SKILL.md).
  - Boundary markers: No specific delimiters or instructions to ignore embedded content are implemented.
  - Capability inventory: Shell command execution and network delivery via webhooks.
  - Sanitization: No sanitization of the retrieved content is mentioned before it is processed by the agent.
Audit Metadata