laravel-package-scaffold
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (HIGH): The skill facilitates a significant attack surface where untrusted user input (<vendor/package-name>) is passed directly to a Bash command execution tool. Ingestion point: The
<vendor/package-name>parameter in the scaffold command defined in SKILL.md. Boundary markers: None present to separate user data from command structure. Capability inventory: Access toBash,Write, andReadtools. Sanitization: None provided in the instruction set. An attacker could provide a malicious string containing shell metacharacters (e.g.,"; curl ... | bash #) to execute arbitrary code on the host. - Dynamic Execution (MEDIUM): The skill is designed to generate and write multiple PHP files (ServiceProvider, Facade, etc.) using the user-provided package name for namespaces and class names. If the generated files are executed in a Laravel environment, malicious content injected via the package name could result in code injection or unexpected behavior within that application.
- Unverifiable Dependencies & Remote Code Execution (LOW): The skill relies on an external script
scripts/scaffold_laravel_package.pywhich is not provided for analysis. This lack of visibility prevents verification of the script's internal logic and whether it safely handles inputs or contains its own malicious or insecure code.
Recommendations
- AI detected serious security threats
Audit Metadata