create-docker-php-config
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a template-based generator that does not execute code, perform network requests to external domains, or download dependencies.
- [SAFE]: The generated PHP configuration includes security hardening measures such as 'expose_php = Off', 'allow_url_include = Off', and a 'disable_functions' list (including 'exec', 'system', 'shell_exec') to mitigate common attack vectors.
- [SAFE]: Security-critical session settings are configured with best practices, including 'session.use_strict_mode = 1', 'session.cookie_httponly = 1', and 'session.cookie_secure = 1'.
- [SAFE]: Verification commands are limited to local Docker environment checks ('docker exec') and local status monitoring ('curl http://localhost/status').
Audit Metadata