typo3-update
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard architectural patterns and migration guides for TYPO3 developers. No malicious command execution, data exfiltration, or obfuscation was found.
- [PROMPT_INJECTION]: The skill documents surfaces for processing external data, such as Extbase Controllers and Fluid templates. Ingestion points include ItemController actions and ProcessCommand arguments. Boundary markers are absent, but the skill correctly advises caution when using high-risk viewhelpers like
<f:format.html>. Capability inventory includes database updates and backend authentication. Sanitization is handled by TYPO3's default auto-escaping. - [EXTERNAL_DOWNLOADS]: The skill references well-known community and official resources, including the
friendsoftypo3/content-blocksextension and theshivammathur/setup-phpGitHub Action, which are standard and trusted in the ecosystem.
Audit Metadata