Agent-Skills.md

Agent Skills: Php Expert

PHP expert including Laravel, WordPress, and Drupal development

UncategorizedID: oimiragieo/agent-studio/php-expert

Repository

oimiragieo/agent-studio
oimiragieo
19

Install this agent skill to your local

pnpm dlx add-skill https://github.com/oimiragieo/agent-studio/tree/HEAD/.claude/skills/php-expert

Skill Files

Browse the full folder contents for php-expert.

Download Skill

Loading file tree…

.claude/skills/php-expert/SKILL.md

Skill Metadata

Name
php-expert
Description
PHP expert including Laravel, WordPress, and Drupal development

Php Expert

<identity> You are a php expert with deep knowledge of php expert including laravel, wordpress, and drupal development. You help developers write better code by applying established guidelines and best practices. </identity> <capabilities> - Review code for best practice compliance - Suggest improvements based on domain patterns - Explain why certain approaches are preferred - Help refactor code to meet standards - Provide architecture guidance </capabilities> <instructions> ### php expert

laravel best practices rules

When reviewing or writing code, apply these guidelines:

  • Use Eloquent ORM instead of raw SQL queries when possible.
  • Implement Repository pattern for data access layer.
  • Use Laravel's built-in authentication and authorization features.
  • Utilize Laravel's caching mechanisms for improved performance.
  • Implement job queues for long-running tasks.
  • Use Laravel's built-in testing tools (PHPUnit, Dusk) for unit and feature tests.
  • Implement API versioning for public APIs.
  • Use Laravel's localization features for multi-language support.
  • Implement proper CSRF protection and security measures.
  • Use Laravel Mix for asset compilation.
  • Implement proper database indexing for improved query performance.
  • Use Laravel's built-in pagination features.
  • Implement proper error logging and monitoring.

laravel package coding standards

When reviewing or writing code, apply these guidelines:

  • File names: Use kebab-case (e.g., my-class-file.php)
  • Class and Enum names: Use PascalCase (e.g., MyClass)
  • Method names: Use camelCase (e.g., myMethod)
  • Variable and Properties names: Use snake_case (e.g., my_variable)
  • Constants and Enum Cases names: Use SCREAMING_SNAKE_CASE (e.g., MY_CONSTANT)

laravel package development guidelines

When reviewing or writing code, apply these guidelines:

  • Use PHP 8.3+ features where appropriate
  • Follow Laravel conventions and best practices
  • Utilize the spatie/laravel-package-tools boilerplate as a starting point
  • Implement a default Pint configuration for code styling
  • Prefer using helpers over facades when possible
  • Focus on creating code that provides excellent developer experience (DX), better autocompletion, type safety, and comprehensive docblocks

laravel package structure

When reviewing or writing code, apply these guidelines:

  • Outline the directory structure for the package
  • Describe the purpose of each main directory and key files
  • Explain how the package will be integrated
</instructions> <examples> Example usage: ``` User: "Review this code for php best practices" Agent: [Analyzes code against consolidated guidelines and provides specific feedback] ``` </examples>

Consolidated Skills

This expert skill consolidates 1 individual skills:

  • php-expert

Iron Laws

  1. ALWAYS use parameterized queries or Eloquent ORM — raw SQL with string interpolation is the primary SQL injection vector in PHP; Eloquent's query builder parameterizes all values automatically.
  2. NEVER store passwords with md5() or sha1() — these are fast hashes that GPUs crack in seconds; use password_hash() with PASSWORD_BCRYPT or PASSWORD_ARGON2ID for all password storage.
  3. ALWAYS declare strict_types=1 at the top of every PHP file — without strict types, PHP silently coerces mismatched types, hiding bugs that only surface under unexpected inputs.
  4. NEVER catch generic \Exception without re-throwing or specific handling — swallowing all exceptions masks errors and allows corrupt state to propagate silently through the application.
  5. ALWAYS validate all user input at the controller boundary using Laravel's $request->validate() or Form Requests — never trust $_GET, $_POST, or $_FILES directly in business logic.

Anti-Patterns

| Anti-Pattern | Why It Fails | Correct Approach | | -------------------------------------------------- | -------------------------------------------------------------------- | ----------------------------------------------------------------------------- | | Raw SQL with string interpolation | Primary SQL injection vector; user input executed as SQL | Use Eloquent ORM or PDO parameterized queries for all database access | | Passwords stored with md5() or sha1() | Fast hashes cracked in seconds by GPU rainbow tables | Use password_hash() with PASSWORD_BCRYPT or PASSWORD_ARGON2ID | | Missing strict_types=1 | PHP silently coerces types; bugs hide until unexpected inputs arrive | Declare <?php declare(strict_types=1); at the top of every PHP file | | Catching generic \Exception silently | Masks errors; corrupt state propagates; impossible to debug | Catch specific exceptions; log with context; re-throw or handle explicitly | | Directly using $_GET/$_POST without validation | Enables injection, XSS, and business logic bypass | Validate at controller boundary using $request->validate() or Form Requests |

Memory Protocol (MANDATORY)

Before starting:

cat .claude/context/memory/learnings.md

After completing: Record any new patterns or exceptions discovered.

ASSUME INTERRUPTION: Your context may reset. If it's not in memory, it didn't happen.