openui-forge-php
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implementation follows standard security practices for Laravel applications, including the use of configuration files for secrets and structured request validation.
- [EXTERNAL_DOWNLOADS]: The skill references legitimate packages from the OpenUI project (@openuidev/*) and the Laravel framework, which are standard for building generative UI applications.
- [DATA_EXFILTRATION]: Network operations are restricted to the official OpenAI API endpoints (or a user-configured base URL) for the purpose of generating completions. Sensitive data like the API key is handled through secure configuration patterns.
- [PROMPT_INJECTION]: The skill provides a backend for processing user messages. While it prepends a system prompt from a local file to guide the model, the application follows a standard pattern for LLM integration where user content is forwarded to an external provider, which is the intended purpose of the skill.
Audit Metadata