sast-psalm
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- COMMAND_EXECUTION (HIGH): The skill directs the agent to execute './vendor/bin/psalm'. This is a high-risk pattern because the executable path is relative to the project being analyzed. A malicious repository could include a malicious script at this path to achieve arbitrary command execution when the agent attempts to run the security scan.
- EXTERNAL_DOWNLOADS (MEDIUM): The skill recommends installing 'vimeo/psalm' via composer. While Psalm is a standard security tool, instructions to download and install packages from sources not explicitly in the trusted organization list at runtime present a supply-chain risk.
- INDIRECT_PROMPT_INJECTION (MEDIUM): Ingestion points: PHP source files and 'psalm-results.json' file. Boundary markers: Absent. Capability inventory: Shell command execution (Psalm) and subsequent parsing of the tool's JSON output. Sanitization: Absent. A malicious project could craft source code that causes Psalm to produce output designed to manipulate the agent's reasoning or reporting during the parsing phase.
Recommendations
- AI detected serious security threats
Audit Metadata