scaffold-filament-resource
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill uses instructional language like 'Critical' and 'MUST' to enforce architectural standards (Separation of Concerns), not to bypass safety filters or override agent behavior.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network operations were detected. The code snippets provided are generic templates.
- Obfuscation (SAFE): The content is clear and readable with no hidden characters, encoding, or homoglyphs.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill mentions standard Laravel CLI commands (php artisan) for local development but does not attempt to download or execute remote scripts.
- Privilege Escalation & Persistence (SAFE): No commands related to system privilege modification or persistence mechanisms (cron, startup scripts) are present.
- Indirect Prompt Injection (LOW): While the skill guides the generation of code based on user input, it does not ingest untrusted external data or have capabilities that would facilitate an automated attack. The risk is negligible as it serves as a static development template.
Audit Metadata