pp-alaska-airlines

Enables users to search Alaska Airlines flights and check Atmos Rewards balance via command line with offline caching.

Install this skill

70/100

Security score

The pp-alaska-airlines skill was audited on Jun 6, 2026 and we found 4 security issues across 3 threat categories, including 1 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

medium line 267

Webhook reference - potential data exfiltration

SourceSKILL.md

267	\| `webhook:<url>` \| POST the output body to the URL (`application/json` or `application/x-ndjson` when `--compact`) \|

medium line 269

Webhook reference - potential data exfiltration

SourceSKILL.md

269	Unknown schemes are refused with a structured error naming the supported set. Webhook failures return non-zero and log the URL + HTTP status on stderr.

medium line 255

Access to hidden dotfiles in home directory

SourceSKILL.md

255	Entries are stored locally at `~/.alaska-airlines-pp-cli/feedback.jsonl`. They are never POSTed unless `ALASKA_AIRLINES_FEEDBACK_ENDPOINT` is set AND either `--send` is passed or `ALASKA_AIRLINES_FEED

high line 213

Access to system keychain/keyring

SourceSKILL.md

213	Run `auth login --chrome` once. It extracts Alaska's cookies from your logged-in Chrome profile (AS_ACNT, AS_NAME, guestsession, ASSession, etc.) via your macOS keychain. Future commands replay them v

Scanned on Jun 6, 2026

View Security Dashboard

Installation guide →

GitHub Stars 1.4K

Rate this skill

Categorysales

UpdatedJune 10, 2026

claude frontend docx git api database testing backend customer-success-manager business-development sales-engineer sales

mvanhorn/printing-press-library