laravel-dtos
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Data Exposure (SAFE): The guides describe preserving `rawData` in DTOs. This is a standard practice for auditing and debugging external API integrations (Stripe, PayPal) and does not represent a security flaw.
- Remote Code Execution (SAFE): All code snippets use standard Laravel/PHP functions (`data_get`, `match`, `Factory::guessFactoryNamesUsing`). There are no calls to `eval()`, `exec()`, or unsafe deserialization.
- Indirect Prompt Injection (SAFE): While the pattern involves processing untrusted external data, the transformers perform explicit type mapping and do not interpolate data into LLM prompts within the scope of these files.