acc-create-phpstan-config
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill is a documentation and template provider for PHPStan configurations. It does not contain any executable scripts, obfuscation, or data exfiltration logic.
- [COMMAND_EXECUTION] (LOW): The skill includes instructions for running standard PHPStan commands (e.g.,
vendor/bin/phpstan analyse). These are appropriate for the skill's primary purpose and do not involve privilege escalation. - [INDIRECT_PROMPT_INJECTION] (LOW): The generator instructions involve analyzing local project files like
composer.json. While this represents an ingestion point for external data, it is a standard operation for a configuration tool and is not associated with any dangerous capabilities in the skill itself.
Audit Metadata