code-pattern-checker
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches development guidelines and security practices from the author's official GitHub Pages (https://camoa.github.io/dev-guides/). These are vendor-provided resources used to inform the code analysis process.
- [COMMAND_EXECUTION]: The skill uses Bash to identify changed files via git diff and suggests running standard development linters and static analysis tools such as phpcs, phpstan, and npm. These operations are transparent and consistent with the skill's purpose as a code quality gate.
- [PROMPT_INJECTION]: Indirect prompt injection surface identified. Ingestion points: PHP and CSS files read for analysis (SKILL.md). Boundary markers: Absent. Capability inventory: Bash for file listing and Read for file content (SKILL.md). Sanitization: Absent. The skill's function is limited to reporting, which mitigates the risk of accidental obedience to instructions found within the audited code content.
Audit Metadata