laravel-specialist
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill promotes secure coding practices by enforcing the use of Form Requests for input validation and Policies for authorization, effectively mitigating common web vulnerabilities.
- [EXTERNAL_DOWNLOADS]: Retrieves technical documentation from the official Laravel GitHub repository (github.com/laravel/docs) to ensure accuracy during development. This reference to a well-known framework repository is a standard development practice.
- [CREDENTIALS_UNSAFE]: Includes explicit instructions to avoid storing sensitive credentials in configuration files, recommending the use of environment variables (.env) for secure secret management.
- [SAFE]: Evaluated for potential indirect prompt injection surfaces associated with automated code generation and project analysis.
  - Ingestion points: The skill analyzes project structure, including composer.json, configuration files, and route definitions in Phase 1.
  - Boundary markers: Explicit markers for untrusted project data are not present.
  - Capability inventory: The skill has the capability to generate PHP code (migrations, models, controllers) and execute Artisan CLI commands.
  - Sanitization: The skill mandates the use of Laravel's built-in validation (Form Requests) and authorization (Policies) to sanitize and control data flow.