laravel-owasp-security
Warn
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: MEDIUM (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- [DATA_EXFILTRATION]: The skill directs the agent to inspect sensitive environment configuration files to ensure security compliance.
  - Evidence: SKILL.md and AGENTS.md include checks for the .env file to verify configuration details such as APP_KEY and database credentials.
- [PROMPT_INJECTION]: The skill processes untrusted user-provided source code, creating a potential surface for indirect prompt injection.
  - Ingestion points: The agent analyzes files and code snippets provided as input.
  - Boundary markers: There are no instructions for using delimiters to isolate user code during processing.
  - Capability inventory: The skill is instructional and does not perform autonomous operations like network calls or file modifications.
  - Sanitization: Audited code is not sanitized or filtered before analysis.
Audit Metadata