typo3-batch
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes standard local PHP development tools, including
php -l(linting),composer normalize, andvendor/bin/phpunit, to verify the integrity of code changes. These commands are executed as part of the intended refactoring process. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it ingest untrusted data by scanning the local codebase during the 'Research' phase. Instructions hidden in comments or metadata within the project files could potentially influence the agent's decomposition or execution logic.
- Ingestion points: Local codebase files (PHP, TCA, Fluid, YAML, SQL) scanned during research.
- Boundary markers: None specified to delimit ingested code from instructions.
- Capability inventory: File system write access and execution of PHP-based CLI tools.
- Sanitization: No explicit sanitization of codebase content before processing is mentioned.
Audit Metadata