openui-forge-php

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implementation follows standard security practices for Laravel applications, including the use of configuration files for secrets and structured request validation.
  • [EXTERNAL_DOWNLOADS]: The skill references legitimate packages from the OpenUI project (@openuidev/*) and the Laravel framework, which are standard for building generative UI applications.
  • [DATA_EXFILTRATION]: Network operations are restricted to the official OpenAI API endpoints (or a user-configured base URL) for the purpose of generating completions. Sensitive data like the API key is handled through secure configuration patterns.
  • [PROMPT_INJECTION]: The skill provides a backend for processing user messages. While it prepends a system prompt from a local file to guide the model, the application follows a standard pattern for LLM integration where user content is forwarded to an external provider, which is the intended purpose of the skill.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 02:34 AM
Security Audit — agent-trust-hub — openui-forge-php