saloon-laravel-integration
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a robust 'Human-In-The-Loop' (HITL) ritual for recording test fixtures. This process requires the agent to brief the user on needed state, wait for explicit permission, and prompt for cleanup, preventing autonomous handling of sensitive live credentials.
- [SAFE]: Architecturally enforces credential safety by mandating encryption for stored tokens (access/refresh) and providing specific warnings against serializing secrets into job payloads or log files.
- [SAFE]: Includes defensive instructions for webhook handling, such as mandatory signature verification (HMAC) and decoupling reception from processing to mitigate potential injection or DoS vectors.
- [SAFE]: Promotes the use of InMemory service implementations for testing, which prevents external network calls and credential exposure during routine test execution.
- [SAFE]: References to external resources, such as SaloonPHP plugins and the fbarrento/data-factory package, are either well-known community services or legitimate tools owned by the skill's author.
Audit Metadata