kirby-ide-support
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's behavior is consistent with its stated purpose of providing IDE support.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it reads and processes user-controlled project files (templates, snippets, controllers, and models). Ingestion points include tools like 'kirby:kirby_templates_index'. The capability inventory includes the ability to edit project files and generate new PHP scripts via 'kirby:kirby_generate_ide_helpers'. No specific sanitization or boundary markers are defined, but the risk is assessed as safe given the development context.
- [COMMAND_EXECUTION]: The skill utilizes several 'kirby:' tools to perform environment initialization, status checks, and file generation as part of its standard workflow.
Audit Metadata