Skills
skills/ajbcoding/claude-skill-eval/moai-lang-php/Gen Agent Trust Hub

moai-lang-php

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [NO_CODE]: The skill is composed entirely of Markdown files and metadata. It does not include any executable code, scripts, or binary assets.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of processing untrusted external data.
  • Ingestion points: According to SKILL.md, the skill ingests language-specific source directories, configuration files, and test suites.
  • Boundary markers: The instructions lack any boundary markers or specific guidance to ignore or isolate instructions found within the files it reads.
  • Capability inventory: The skill uses the Bash (terminal) and Read (file system) tools, which provides a functional pathway for executing malicious instructions found in data.
  • Sanitization: There is no evidence of input validation or content sanitization processes for the data read from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 01:06 AM