saas-seeder
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires running local PowerShell scripts (setup-database.ps1, fix-database.ps1) and Composer commands to initialize the database and install project dependencies. It also instructs the user to modify the PowerShell execution policy to allow these scripts to run.
- [EXTERNAL_DOWNLOADS]: Fetches reputable PHP development tools and testing frameworks (e.g., PHPStan, PHP CS Fixer, Pest) from the official Composer registry.
- [PROMPT_INJECTION]: The skill relies on reading user-supplied requirements and schema documentation to customize the project setup, which presents an indirect injection surface.
  - Ingestion points: Files located in docs/project-requirements/ and database/schema/ (e.g., requirements.md, core-schema.sql).
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used when the agent reads these files.
  - Capability inventory: The agent possesses capabilities to create and modify sensitive files (such as .env), manage database schemas, and execute command-line tools via Composer.
  - Sanitization: No validation or sanitization is performed on the content of the documentation before the agent acts on its instructions.
Audit Metadata