kirby-ide-support

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's behavior is consistent with its stated purpose of providing IDE support.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it reads and processes user-controlled project files (templates, snippets, controllers, and models). Ingestion points include tools like 'kirby:kirby_templates_index'. The capability inventory includes the ability to edit project files and generate new PHP scripts via 'kirby:kirby_generate_ide_helpers'. No specific sanitization or boundary markers are defined, but the risk is assessed as safe given the development context.
  • [COMMAND_EXECUTION]: The skill utilizes several 'kirby:' tools to perform environment initialization, status checks, and file generation as part of its standard workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 07:48 AM
Security Audit — agent-trust-hub — kirby-ide-support