pp-emailoctopus

Facilitates advanced EmailOctopus API operations, enabling efficient subscriber management and campaign reporting for email marketers.

Install this skill

84/100

Security score

The pp-emailoctopus skill was audited on Jun 6, 2026 and we found 4 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 252

Webhook reference - potential data exfiltration

SourceSKILL.md

252	\| `webhook:<url>` \| POST the output body to the URL (`application/json` or `application/x-ndjson` when `--compact`) \|

medium line 254

Webhook reference - potential data exfiltration

SourceSKILL.md

254	Unknown schemes are refused with a structured error naming the supported set. Webhook failures return non-zero and log the URL + HTTP status on stderr.

medium line 240

Access to hidden dotfiles in home directory

SourceSKILL.md

240	Entries are stored locally at `~/.emailoctopus-pp-cli/feedback.jsonl`. They are never POSTed unless `EMAILOCTOPUS_FEEDBACK_ENDPOINT` is set AND either `--send` is passed or `EMAILOCTOPUS_FEEDBACK_AUTO

low line 196

External URL reference

SourceSKILL.md

196	Generate a v2 key at https://api.emailoctopus.com/developer/api-keys/create and export it as `EMAILOCTOPUS_API_KEY`. Keys created before October 2024 are v1-only and will return 401 against the v2 API

Scanned on Jun 6, 2026

View Security Dashboard

Installation guide →

GitHub Stars 1.4K

Rate this skill

Categorymarketing

UpdatedJune 10, 2026

claude frontend notion react docx git api database testing backend email-marketer growth-marketer content-marketer marketing

mvanhorn/printing-press-library