php-thinkphp-audit
Community
ThinkPHP security audits mapped to real risks.
Software Engineering
#static-analysis #auth #csrf #security-audit #mass-assignment #thinkphp #template-security
Author: 0xShe
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
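ThinkPHP projects lack a systematic static-analysis tool for security audits. This Skill performs white-box static auditing of the ThinkPHP framework's common security mechanisms (authentication and authorization, CSRF, template escaping, Mass Assignment, debug and configuration exposure, and so on) and maps the results to a general vulnerability-type taxonomy.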
Core Features & Use Cases
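- Takes ThinkPHP project source code as input, then identifies and flags weak points in authentication and permission control, missing CSRF protection, template output risks, Mass Assignment entry points, debug and configuration exposure, and similar issues.
- Maps the analysis results to general risk categories such as AUTH / CSRF / TPL / LOGIC / CFG, which makes cross-framework comparison and remediation prioritization easier.
- Produces a traceable evidence chain and actionable remediation recommendations, helping developers perform regression verification before release.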
Quick Start
Provide the ThinkPHP project root directory as input and run the audit to produce the framework audit report.
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: php-thinkphp-audit Download link: https://github.com/0xShe/PHP-Code-Audit-Skill/archive/main.zip#php-thinkphp-audit Please download this .zip file, extract it, and install it in the .claude/skills/ directory.