Skills
skills/dykyi-roman/awesome-claude-code/acc-create-psr6-cache/Gen Agent Trust Hub

acc-create-psr6-cache

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (CRITICAL): Unsafe Deserialization in PHP Templates. Found in references/templates.md. The RedisCachePool::getItem and FileCachePool::getItem methods use the PHP unserialize() function on data retrieved from external storage (Redis and local files) without validation. An attacker who can control the storage content can trigger PHP Object Injection, leading to arbitrary code execution.
  • [COMMAND_EXECUTION] (MEDIUM): Insecure File Permissions. Found in references/templates.md. The FileCachePool constructor uses mkdir($directory, 0777, true), which creates world-writable directories. This is a security risk on multi-user systems and exacerbates the risk of cache tampering.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 16, 2026, 09:56 AM