Skills
skills/dykyi-roman/awesome-claude-code/acc-check-file-io/Gen Agent Trust Hub

acc-check-file-io

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill is designed to ingest and analyze untrusted external PHP source code. This creates a significant attack surface where instructions embedded in code comments or string literals could bypass the agent's logic.
  • Ingestion points: The skill uses Grep commands to scan all **/*.php files in a provided directory.
  • Boundary markers: No specific boundary markers or delimiters are defined to separate the untrusted PHP content from the agent's core instructions.
  • Capability inventory: The skill utilizes bash and Grep to execute searches across the filesystem. While it doesn't currently write files, the results of these searches influence the structured output provided to the user/agent.
  • Sanitization: No sanitization or filtering of the PHP file content is performed before processing or displaying it.
  • Command Execution (MEDIUM): The skill documentation includes raw bash grep patterns. If the agent executes these verbatim on a system, it could be vulnerable to argument injection or command chaining if the file paths or search terms are dynamically generated from user input.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 08:58 AM