create-mediator
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected in the skill files. The content consists of standard PHP boilerplate and unit tests.\n- [NO_CODE]: The skill does not contain any executable scripts or binaries; it is entirely composed of Markdown documentation and text-based templates for code generation.\n- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by using untrusted user input to populate templates for file paths and class contents.\n
- Ingestion points: User-provided values for Mediator name, context, and colleagues specified in the input requirements of SKILL.md.\n
- Boundary markers: Absent; templates use direct interpolation of placeholders such as {Name} and {Context}.\n
- Capability inventory: The agent is instructed to create multiple PHP files in the local src/ and tests/ directories.\n
- Sanitization: No sanitization logic is provided in the instructions, but the risk is assessed as safe as it is associated with the intended primary purpose of the skill as a template generator.
Audit Metadata