skills/appwrite/claude-plugin/php/Gen Agent Trust Hub

php

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill correctly uses environment variables (getenv) for handling sensitive information such as the Appwrite project ID and API key, avoiding hardcoded credentials.
  • [SAFE]: Installation instructions reference the official vendor package (appwrite/appwrite) via the standard PHP package manager (Composer).
  • [SAFE]: The skill provides explicit security warnings regarding resource permissions, specifically cautioning against the use of Role::any() for sensitive data or administrative actions.
  • [SAFE]: The server-side rendering (SSR) authentication section includes best-practice implementation details for session cookies, such as the httpOnly, secure, and sameSite flags, to protect against common web vulnerabilities.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 12:00 PM
Security Audit — agent-trust-hub — php