security-scan
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses various shell tools including `composer audit`, `bin/magento`, `find`, `grep`, and `curl` to perform system-level audits and code scanning.
- [DATA_EXFILTRATION]: The skill contains logic to probe for sensitive file paths such as `.env`, `.git/config`, and `system.log`. It performs network requests via `curl` to external domains to verify if these files are publicly accessible, which constitutes a network probing behavior.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its ingestion of untrusted external content without sufficient sanitization or boundary markers.
  - Ingestion points: Processes contents of local files in `app/code/`, output from binary execution (`composer`, `magento`), and headers from external network requests.
  - Boundary markers: No delimiters or instructions to ignore instructions embedded in the scanned data are provided.
  - Capability inventory: The skill has access to shell execution, filesystem manipulation, and database queries via MCP integrations.
  - Sanitization: There is no evidence of validation or escaping for data retrieved from the filesystem or network before it is processed by the agent.
Audit Metadata