acc-check-fallback-strategy
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted PHP source code, creating a potential ingestion surface for malicious instructions.
- Ingestion points: Processes PHP files identified via grep patterns in infrastructure and application directories.
- Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded instructions within the analyzed code.
- Capability inventory: The skill's capabilities are limited to generating markdown reports and descriptions; it lacks file-write, network access, or command execution capabilities.
- Sanitization: No sanitization or filtering of the analyzed content is defined before its inclusion in the output.
- NO_CODE (SAFE): The skill consists entirely of markdown instructions, grep search patterns, and code examples for static analysis, with no embedded executable scripts or automation routines.
Audit Metadata