The Agent Skills Directory

[SAFE]: The skill is purely instructional and does not contain executable scripts or malicious patterns. It outlines a systematic approach for security researchers to audit code for SSRF vulnerabilities.- [PROMPT_INJECTION]: The skill processes untrusted PHP source code, creating a potential surface for indirect prompt injection where malicious instructions inside the audited code could attempt to manipulate the audit output. 1. Ingestion points: PHP project source code. 2. Boundary markers: None specified in the markdown instructions. 3. Capability inventory: Writing audit reports to the file system using the output_path variable. 4. Sanitization: No sanitization or escaping of input source code is described.

php-ssrf-audit