wp-phpstan

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of local commands like composer run and vendor/bin/phpstan to perform static analysis.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it parses project-controlled configuration files to determine which commands the agent should execute.
    • Ingestion points: Project files composer.json, phpstan.neon, and phpstan.neon.dist are read by the scripts/phpstan_inspect.mjs script.
    • Boundary markers: No delimiters or isolation instructions are used to process these external inputs.
    • Capability inventory: The skill possesses the capability to execute shell commands and modify local files.
    • Sanitization: The skill does not validate or sanitize the content of the scripts or configuration parameters discovered in the analyzed repository.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 03:43 PM