generate-laravel-project-overview
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it interprets untrusted project data to generate instructions for downstream agent tasks.
- Ingestion points: The agent is directed to analyze the 'codebase' in SKILL.md.
- Boundary markers: The prompt lacks delimiters or specific instructions to ignore malicious directives found within code comments, strings, or documentation in the analyzed files.
- Capability inventory: The agent possesses the capability to write to the file system (specifically
.ai/guidelines/project.md), which is explicitly used to guide other AI coding agents. - Sanitization: No sanitization, filtering, or validation steps are defined to prevent external content from influencing the generated guidelines.
Audit Metadata