Skills
skills/mvanhorn/printing-press-library/pp-movie-goat/Gen Agent Trust Hub

pp-movie-goat

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of external binaries from GitHub and NPM repositories. Specifically, it provides instructions to use npx -y @mvanhorn/printing-press install and go install github.com/mvanhorn/printing-press-library/... to fetch and install the required tools.
  • [COMMAND_EXECUTION]: The skill's operation relies on executing the movie-goat-pp-cli binary via the shell, passing user-provided arguments to various subcommands and utility functions like which.
  • [DATA_EXFILTRATION]: The movie-goat-pp-cli tool includes a --deliver webhook:<url> flag that enables the agent to POST command output to arbitrary remote URLs. Additionally, the tool features a feedback mechanism that can be configured to automatically transmit data to a remote endpoint if the MOVIE_GOAT_FEEDBACK_AUTO_SEND environment variable is set to true.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 05:38 PM