fixture-generator

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill demonstrates a high-risk capability by processing external migration data to perform file-writing operations, which is a primary vector for indirect prompt injection.
    1. Ingestion points: Migration files located in config/Migrations/.
    2. Boundary markers: Absent; no delimiters are defined to isolate untrusted content.
    3. Capability inventory: File system write access for fixture creation and PHP code generation.
    4. Sanitization: Absent; the skill does not specify any filtering or validation of migration content before it is used in code generation.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 05:58 AM