ysl-web
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill describes a legitimate web application structure using Laravel 12 and PHP 8.3. It implements standard architectural patterns for a frontend gateway.
- [EXTERNAL_DOWNLOADS]: The skill references standard, well-known PHP libraries including Guzzle HTTP Client, Intervention Image, and Simple QRCode. These are widely recognized packages in the Laravel ecosystem and are used according to their intended purposes.
- [DATA_EXFILTRATION]: While the skill performs network requests, they are directed to a backend API server (configured via environment variables) as part of the application's documented core functionality. API keys are handled using standard Laravel configuration practices (env/config).
- [COMMAND_EXECUTION]: No evidence of subprocess spawning, shell command execution, or other dangerous system-level operations was found in the provided code snippets or instructions.
- [PROMPT_INJECTION]: The skill instructions are focused on development workflows and do not contain any attempts to override agent behavior, bypass safety filters, or extract system prompts.
Audit Metadata