php-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious patterns, such as prompt injection, data exfiltration, or code obfuscation, were detected in any of the analyzed files. The instructions are aligned with industry-standard development practices.
- [NO_CODE]: The skill consists exclusively of markdown documentation and configuration files. It does not include any executable scripts, binaries, or automation code that could pose a runtime security risk.
- [EXTERNAL_DOWNLOADS]: The skill contains references to external URLs for official PHP documentation and PSR standards (e.g., php.net, php-fig.org). These links are for informational purposes, targeting well-known and trusted technology organizations, and do not involve the automated download or execution of remote code.
- [SAFE]: While the skill's primary function is to process and review user-provided code—which technically presents an indirect prompt injection surface—the skill lacks any dangerous capabilities (such as network operations, file system access, or command execution) that would make such an injection exploitable.
Audit Metadata