phoenix-static-files
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Full Analysis
- [No Issues Detected] (SAFE): The skill contains legitimate configuration guidance for Phoenix Framework applications.
- [False Positive Alert] (INFO): The automated scanner alert for 'file.co' appears to be a false positive. It likely matched the Elixir property access 'file.content_type' found in the code snippets. No actual network requests to 'file.co' are present in the skill's logic.
- [Security Best Practices] (INFO): The skill explicitly promotes secure coding by warning against path traversal and XSS, and provides examples of how to sanitize user input.
- [Indirect Prompt Injection Surface] (INFO): The skill targets files related to web endpoints and routers. While this is an ingestion surface, the skill provides defensive coding patterns to mitigate risks associated with untrusted data.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata