livewire-development
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions attempting to override agent behavior or bypass safety filters were detected.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were found. The skill correctly identifies that Livewire requests should be treated as HTTP requests requiring validation and authorization.
- Obfuscation (SAFE): No hidden or encoded content (Base64, zero-width characters, etc.) was identified.
- Unverifiable Dependencies & RCE (SAFE): The skill references standard development commands (e.g.,
php artisan) but does not download or execute untrusted scripts or packages. - Privilege Escalation (SAFE): No commands requesting elevated permissions (e.g.,
sudo,chmod) were found. - Persistence Mechanisms (SAFE): No attempts to maintain access across sessions or modify system startup configurations were detected.
- Metadata Poisoning (SAFE): Metadata fields are descriptive and accurately reflect the skill's purpose.
- Indirect Prompt Injection (LOW): While the skill uses
search-docsto ingest external data, it explicitly warns users to validate form data and run authorization checks, mitigating standard injection risks in the context of web development. - Time-Delayed / Conditional Attacks (SAFE): No logic gating malicious behavior based on time or specific conditions was found.
- Dynamic Execution (SAFE): The skill provides static code templates for development and does not generate or execute code dynamically from untrusted sources.
Audit Metadata