acc-psr-coding-style-knowledge
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The content consists of educational documentation and technical specifications for PHP coding standards. There are no attempts to override system prompts, bypass safety filters, or use adversarial role-play patterns.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, API keys, or sensitive file paths were found. The analysis commands target project source code (e.g.,
src/) for style auditing purposes only. - [Obfuscation] (SAFE): All scripts, commands, and markdown content are in plain text. No Base64 encoding, zero-width characters, or homoglyphs were detected.
- [Remote Code Execution] (SAFE): The skill provides local detection patterns and a bash script for auditing. It does not download or execute remote scripts via
curl | bashor similar patterns. Referenced GitHub Actions are standard industry practices for CI/CD documentation. - [Indirect Prompt Injection] (LOW): The skill is designed to process external PHP source code for auditing. This represents a potential surface for indirect prompt injection if an attacker embeds instructions in comments within the code being audited. However, the skill provides specific static patterns for style detection rather than instructions for the agent to interpret natural language content within the source files.
- [Privilege Escalation] (SAFE): No use of
sudo,chmod 777, or other commands designed to elevate permissions or bypass security controls.
Audit Metadata