pp-openipa
This CLI tool enables instant lookup of public administration entities in Italy, facilitating compliance checks and electronic invoicing.
Install this skill
or
80/100
Security score
The pp-openipa skill was audited on Jun 10, 2026 and we found 4 security issues across 2 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 406
Webhook reference - potential data exfiltration
SourceSKILL.md
| 406 | | `webhook:<url>` | POST the output body to the URL (`application/json` or `application/x-ndjson` when `--compact`) | |
medium line 408
Webhook reference - potential data exfiltration
SourceSKILL.md
| 408 | Unknown schemes are refused with a structured error naming the supported set. Webhook failures return non-zero and log the URL + HTTP status on stderr. |
medium line 366
Access to hidden dotfiles in home directory
SourceSKILL.md
| 366 | Richiede un AUTH_ID gratuito da registrare su indicepa.gov.it (rilasciato immediatamente). Salvalo come variabile d'ambiente IPA_auth_id o in ~/.config/openipa/config.toml. |
medium line 394
Access to hidden dotfiles in home directory
SourceSKILL.md
| 394 | Entries are stored locally at `~/.openipa-pp-cli/feedback.jsonl`. They are never POSTed unless `OPENIPA_FEEDBACK_ENDPOINT` is set AND either `--send` is passed or `OPENIPA_FEEDBACK_AUTO_SEND=true`. De |
Scanned on Jun 10, 2026
View Security DashboardGitHub Stars 1.3K
Rate this skill
Categorysales
UpdatedJune 10, 2026
claudefrontenddocxgitapitestingbackendsdrcustomer-success-managerbusiness-developmentaccount-executivesales-operations🇮🇹 ITsales
mvanhorn/printing-press-library