php-tpl-audit

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted PHP source code as its primary input to perform security audits. This creates a risk of indirect prompt injection, where an attacker could embed malicious instructions within the source code (e.g., inside comments or string literals) to influence the agent's behavior, skip detections, or manipulate the final report content.
    • Ingestion points: Ingests PHP source code files for analysis.
    • Boundary markers: The prompt does not specify the use of delimiters or 'ignore' instructions to isolate the analyzed code from the agent's core logic.
    • Capability inventory: The skill is instructed to write detailed reports to the local file system (using the path {output_path}/vuln_audit/tpl_{timestamp}.md), which could be targeted by a successful injection to write arbitrary content.
    • Sanitization: There are no instructions provided to sanitize or filter the input source code for embedded natural language instructions before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 25, 2026, 02:33 AM