php-tooling
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard documentation for PHP tooling (Composer, PHPStan, PHP-CS-Fixer). All suggested commands (e.g.,
composer require --dev,vendor/bin/phpstan) are standard industry practices for local development and CI/CD pipelines. - [SAFE]: Security best practices are explicitly encouraged, such as running
composer auditto check for known vulnerabilities and ensuring Xdebug is disabled in production environments to prevent sensitive data exposure. - [SAFE]: No suspicious network operations, obfuscation, or unauthorized file access patterns were detected. The dependency management instructions target well-known, official PHP ecosystem packages.
Audit Metadata