Can this skill help with existing security audits?

Absolutely. Claude can use this skill to analyze your existing codebase, identify insecure patterns like raw HTML output or unsafe queries, and suggest secure refactored alternatives.

Does this skill support frameworks like Laravel or Symfony?

Yes. While the skill focuses on core PHP security patterns and native functions, these principles form the foundation of all major PHP frameworks and are easily adaptable to framework-specific ORMs and template engines.

Does it cover modern password security?

Yes, it implements current industry standards for password storage using PHP's password_hash() API and provides guidance on secure session handling to prevent hijacking.

How does this skill prevent SQL injection?

It provides standardized patterns for using PDO prepared statements and parameter binding, ensuring that user-provided data is never directly interpolated into SQL queries.

PHP Security Patterns

Name: PHP Security Patterns
Author: TheBushidoCollective

byTheBushidoCollective

•

安全与测试

Implements industry-standard security patterns in PHP applications to prevent common vulnerabilities like SQL injection, XSS, and CSRF.

This skill equips Claude with specialized knowledge to architect and refactor PHP applications using proven security best practices. It provides implementation patterns for robust input validation, secure database interactions via PDO prepared statements, and context-aware output encoding to mitigate Cross-Site Scripting (XSS). Beyond basic protections, the skill covers defense-in-depth strategies including secure session management, CSRF token implementation, and modern password hashing, ensuring that PHP backends are resilient against the most common web-based attack vectors.

主要功能

0195 GitHub stars

02Prepared statement patterns for SQL injection prevention

03CSRF defense and session security management

04Context-specific output encoding for XSS protection

05Comprehensive input validation and sanitization filters

06Secure password hashing and sensitive data handling

使用场景

01Building secure user authentication and registration systems from scratch

02Refactoring legacy PHP codebases to resolve security vulnerabilities

03Hardening database layers and API endpoints against injection attacks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add thebushidocollective/han php-security-patterns

For use in Claude.ai and ChatGPT

Download Skill