pp-wikipedia

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download and install CLI tools from repositories on GitHub and NPM associated with the author's workspace.
  • [REMOTE_CODE_EXECUTION]: Installation instructions utilize npx and go install to fetch and install code from remote sources.
  • [COMMAND_EXECUTION]: The skill allows the agent to execute a binary tool with an option to write output directly to the local file system via a --deliver file: parameter.
  • [DATA_EXFILTRATION]: The provided CLI tool includes a --deliver webhook: feature that enables the agent to send data to arbitrary external webhooks.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by combining external data ingestion with powerful capabilities:
      • Ingestion points: Data is retrieved from the Wikipedia REST API, including article text and HTML (SKILL.md).
      • Boundary markers: No specific delimiters or safety instructions are provided to help the agent distinguish article content from instructions.
      • Capability inventory: The skill uses shell access, local file writing, and network POST requests (SKILL.md).
      • Sanitization: No mechanisms are described for sanitizing or validating retrieved article content before the agent processes it.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 8, 2026, 05:58 PM