acc-create-psalm-config
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [SAFE] (SAFE): The skill primarily consists of XML templates and instructional documentation for configuring Psalm, a legitimate static analysis tool for PHP.
- [COMMAND_EXECUTION] (LOW): The skill includes shell commands for baseline generation (e.g.,
vendor/bin/psalm --set-baseline). These are standard usage patterns for the tool and are presented as documentation for the user/agent rather than hidden execution logic. - [EXTERNAL_DOWNLOADS] (LOW): References several well-known PHP community plugins (e.g.,
Psalm\PhpUnitPlugin\Plugin,Weirdan\DoctrinePsalmPlugin\Plugin) and standard GitHub Actions (shivammathur/setup-php). These are common dependencies in the PHP ecosystem and pose no immediate threat. - [DATA_EXPOSURE] (SAFE): The skill identifies
composer.jsonand existingpsalm.xmlas files to analyze for project context. It does not attempt to access sensitive system files or credentials.
Audit Metadata