php-the-right-way
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a documentation-based extension that provides guidelines for PHP developers. It focuses on modern standards (PHP 8.2+, PSR standards) and security best practices (SQL injection prevention, XSS mitigation, and secure password hashing).
- [SAFE]: Dependency management advice is centered around Composer and includes well-known, trusted packages from the PHP ecosystem such as PHPUnit, PHPStan, PHP CS Fixer, Monolog, and phpdotenv.
- [SAFE]: Security workflows explicitly instruct the agent to check for common vulnerabilities like hardcoded credentials, raw SQL strings, and missing output escaping, which enhances the overall security posture of the code produced or reviewed by the agent.
- [SAFE]: Guidance on environment variables (via phpdotenv) correctly identifies best practices, such as never committing
.envfiles to version control.
Audit Metadata