yii-knowledge
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Potential for Indirect Prompt Injection\n
- Ingestion points: The skill is intended to facilitate the analysis of user-provided PHP source code and project structures based on Yii3 patterns.\n
- Boundary markers: The documentation does not provide specific instructions or delimiters to distinguish between analyzed code content and agent instructions.\n
- Capability inventory: The skill provides several complex
GrepandGlobshell command patterns for project-wide code auditing.\n - Sanitization: No specific input sanitization or validation mechanisms are defined for the code being analyzed.\n- [EXTERNAL_DOWNLOADS]: References standard Yii3 framework components\n
- Evidence: The skill recommends installing official modular
yiisoft/*packages (such asyiisoft/di,yiisoft/router, andyiisoft/active-record) and well-known third-party libraries like Guzzle via the Composer package manager to implement application infrastructure.
Audit Metadata