The Agent Skills Directory

[SAFE]: The skill provides static analysis patterns and documentation for security researchers. No malicious behaviors such as data exfiltration, obfuscation, or unauthorized remote code execution were detected.
[COMMAND_EXECUTION]: The skill includes pre-defined 'grep' commands for searching codebases. These are restricted to search operations and are consistent with the skill's stated purpose of vulnerability detection.
[PROMPT_INJECTION]: The skill analyzes external PHP code (ingestion point) but lacks high-risk capabilities like network access or file-system modification, rendering the indirect injection risk minimal. Evidence: Ingestion points: PHP source files; Boundary markers: Absent; Capability inventory: shell grep; Sanitization: Absent.

check-csrf-protection