acc-check-magic-values
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill analyzes untrusted external PHP code via grep. Evidence Chain: 1. Ingestion: PHP files via file system search; 2. Boundary markers: Absent; 3. Capability inventory: Reporting and display only; 4. Sanitization: Absent. The risk is limited to the agent misinterpreting analysis results based on malicious code content.
- [Data Exposure] (SAFE): No sensitive file access or network operations are present. Placeholder credentials in examples are generic and used for illustrative detection patterns.
- [Remote Code Execution] (SAFE): No commands for downloading or executing remote code were found. No dynamic execution or package management operations are defined.
Audit Metadata