laravel-debugging
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [Privilege Escalation] (HIGH): The script
scripts/install-xdebug.shusessudoto perform system-level tasks including package installation viaapt-get, extension installation viapecl, and writing configuration files to protected PHP directory structures. Modifying system-wide PHP configurations can impact other applications on the host. - [Remote Code Execution] (HIGH): The
scripts/install-xdebug.shfile contains a pattern to download and pipe a script directly to bash (curl -fsSL ... | bash) for the Homebrew installer. While the source domain (GitHub) is within the [TRUST-SCOPE-RULE], the method of execution is a high-severity pattern. - [Command Execution] (MEDIUM): The skill facilitates the execution of arbitrary PHP code via Xdebug's
evalcommand and various Laravelartisancommands. Thescripts/setup-vscode.shscript automatically creates atasks.jsonfile which defines several shell tasks (php artisan migrate:fresh, etc.) that the agent can trigger. - [Indirect Prompt Injection] (HIGH): The skill is designed to ingest and analyze output from
dd()anddump()calls within a Laravel application. - Ingestion points:
capture_last_dump()andanalyze_recent_dump()inSKILL.mdread application data. - Boundary markers: No specific delimiters or instructions are provided to the agent to treat this data as untrusted.
- Capability inventory: The skill possesses the ability to write files (via
scripts/setup-vscode.sh) and execute system commands with elevated privileges (viascripts/install-xdebug.sh). - Sanitization: None detected. Malicious instructions embedded in application variables or database records that are subsequently 'dumped' could be interpreted by the agent as instructions.
Recommendations
- AI detected serious security threats
Audit Metadata