check-file-io
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a legitimate auditing tool for PHP codebases. It identifies security and performance risks like path traversal (TOCTOU) and memory-intensive file reads, providing secure coding alternatives for each.
- [DATA_EXFILTRATION]: No sensitive data exposure or exfiltration patterns were identified. All file paths used in examples are generic placeholders (e.g., /path/to/large-file.csv, /uploads/).
- [COMMAND_EXECUTION]: The skill includes grep patterns for the agent to use when searching for code vulnerabilities. These are standard operational instructions for a static analysis tool and do not involve arbitrary command execution or privilege escalation.
Audit Metadata