ask-laravel-mechanic
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill provides instructions for executing shell commands including tail, grep, and php artisan. Specifically, SKILL.md contains a command using shell substitution: tail -n 50 storage/logs/laravel-$(date +%Y-%m-%d).log. This pattern can be exploited if the execution environment allows arbitrary command substitution. Additionally, the grep instructions provide a template where unvalidated user input might be directly inserted into a shell command string.
- DATA_EXFILTRATION (MEDIUM): The skill explicitly directs the agent to read application log files (storage/logs/laravel.log) and database records via php artisan tinker. Application logs are high-value targets that frequently contain PII, session identifiers, or internal system configurations.
- PROMPT_INJECTION (LOW): An indirect prompt injection surface exists because the agent is instructed to process and act upon untrusted data from log files and database documents. 1. Ingestion point: storage/logs/laravel.log (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Shell execution (tail, grep), PHP execution (tinker). 4. Sanitization: Absent. The lack of sanitization or delimiters when processing these logs could allow an attacker to influence the agent's behavior via crafted log entries.
Audit Metadata