composer-upgrade
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Categories flagged: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill documents the use of standard PHP Composer commands for dependency management tasks. All commands are used for their intended purposes.
- [EXTERNAL_DOWNLOADS] (LOW): Running 'composer update' involves fetching third-party packages from external registries like Packagist. While expected behavior, it is a form of external code retrieval.
- [PROMPT_INJECTION] (LOW): An indirect prompt injection surface is present because the skill processes untrusted data from the local project environment. Ingestion points: Analyzes 'composer.json', 'composer.lock', and CLI command output. Boundary markers: None explicitly defined for the agent to distinguish data from instructions. Capability inventory: Performs multiple shell executions via 'composer' and 'jq'. Sanitization: No specific content sanitization or validation is described.
Audit Metadata