acc-check-query-efficiency
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No instructions were found that attempt to override agent behavior or bypass safety guidelines. The language used is purely instructional for the defined task.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, API keys, or sensitive file paths (e.g., SSH keys, environment files) are present. The tool identifies standard PHP and SQL patterns.
- [Obfuscation] (SAFE): No encoded content, zero-width characters, or homoglyphs were detected. The content is clear and human-readable.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not reference or download any external packages (npm, pip) or remote scripts. It relies on standard grep patterns for local analysis.
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process untrusted external data (PHP source code). While this creates an attack surface for indirect injection, the skill lacks write, execute, or network capabilities, restricting the risk to the agent's reasoning process.
- [Privilege Escalation] (SAFE): No commands involving sudo, chmod, or system-level permission changes are present.
- [Persistence Mechanisms] (SAFE): The skill does not attempt to modify shell profiles, cron jobs, or startup services.
Audit Metadata