wp-trac-search

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The scripts/search.php script uses curl to fetch ticket data from https://core.trac.wordpress.org. This is the official ticket tracker for the WordPress project, which is a well-known and trusted service.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a local PHP script (search.php). The agent is instructed to build the command-line arguments (such as --summary and --description) dynamically from the user's search criteria.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection.
    - Ingestion points: Untrusted, user-contributed content (ticket summaries and descriptions) is ingested from the WordPress Trac tracker via the scripts/search.php script.
    - Boundary markers: Absent. The search results are returned as a markdown table without clear delimiters or instructions to ignore potential commands embedded in the ticket data.
    - Capability inventory: The agent can execute bash commands via the tool definition in SKILL.md and perform network requests via the search script.
    - Sanitization: Absent. While the PHP script escapes markdown pipes to maintain table structure, it does not sanitize the text content for malicious instructions or prompt injection patterns.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 12:04 AM