php-expr-audit
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides structured instructions for security researchers to audit PHP source code for expression injection vulnerabilities. It correctly identifies dangerous functions and data flow patterns.
- [SAFE]: No unauthorized data exfiltration, hardcoded credentials, or remote code execution vulnerabilities were found.
- [SAFE]: The skill analyzes untrusted source code, creating an indirect prompt injection surface. Ingestion points: PHP project source code. Boundary markers: None specified. Capability inventory: File system writes and tool execution. Sanitization: None described. This surface is inherent to the auditing function and no evidence of malicious intent or exploitation patterns was found within the skill instructions.