rhymix-dev
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it accepts untrusted input through the
$ARGUMENTSvariable and during the validation of external code snippets.\n - Ingestion points: Untrusted data enters the context via the
$ARGUMENTSplaceholder inSKILL.mdand through PHP or XML files provided by users for validation.\n - Boundary markers: Absent. The instructions do not specify delimiters or provide warnings to the agent to disregard instructions embedded within the analyzed content.\n
- Capability inventory: The skill is designed to generate and validate complex PHP classes and XML configurations capable of database manipulation, file system navigation, and HTTP request handling.\n
- Sanitization: Absent. There is no mention of sanitizing or escaping external content before the agent processes or interpolates it into prompts.\n- [SAFE]: References official Rhymix CMS documentation and manual pages hosted at
rhymix.org.
Audit Metadata