symfony
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides comprehensive security-focused guidelines for Symfony 7+ development.
- [SAFE]: It explicitly warns against SQL injection by mandating the use of setParameter() for query values in Doctrine ORM.
- [SAFE]: The documentation reinforces protection against Cross-Site Scripting (XSS) by highlighting Twig's auto-escaping and advising against the |raw filter on untrusted data.
- [SAFE]: Security best practices for authentication and authorization are included, such as mandatory password hashing and the use of the Voter pattern for fine-grained access control.
- [SAFE]: Guidance on environment configuration emphasizes using environment variables for secrets and avoiding hardcoded sensitive values.
Audit Metadata