ClawKit Logo
ClawKitReliability Toolkit
Back to Registry
Official Verified developer tools Safety 4/5

PHP

Write solid PHP avoiding type juggling traps, array quirks, and common security pitfalls.

Why use this skill?

Enhance your PHP development with the OpenClaw PHP skill. Learn to write secure, strict-typed, and robust code by avoiding common pitfalls like type juggling and SQL injection.

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/ivangdavila/php
Or

What This Skill Does

The PHP skill for OpenClaw provides a robust framework for generating, auditing, and refactoring PHP code. It is designed to mitigate the specific linguistic quirks of PHP, such as loose typing, unexpected array behavior, and historical security vulnerabilities. By enforcing modern coding standards and strict typing, this skill ensures that generated code is production-ready, readable, and resilient against common exploits like SQL injection and XSS.

Installation

To integrate this skill into your OpenClaw environment, execute the following command in your terminal: clawhub install openclaw/skills/skills/ivangdavila/php

Use Cases

This skill is ideal for:

  • Refactoring legacy codebases to enforce strict_types and replace unsafe type-juggling patterns.
  • Generating secure boilerplate for web services, ensuring PDO is used for database interactions instead of concatenation.
  • Implementing modern object-oriented architectures using traits, interfaces, and late static binding.
  • Troubleshooting complex array manipulation issues where loose comparison behavior often causes logic errors.
  • Enforcing security best practices by automatically applying htmlspecialchars to outputs and validating user inputs.

Example Prompts

  1. "Refactor this legacy user authentication module to use PDO prepared statements and enable strict type checking."
  2. "Explain why in_array is returning unexpected results in my validation logic and provide the strict comparison fix."
  3. "Write a PHP 8+ class that uses constructor property promotion and attributes to validate an email address input."

Tips & Limitations

To maximize the utility of this skill, always include declare(strict_types=1); at the top of your scripts. Remember that while this skill assists in generating secure code, it is not a replacement for security audits; always use static analysis tools like PHPStan or Psalm in your CI/CD pipeline. Be aware that the skill prioritizes multibyte string functions (mb_*) over standard functions; ensure your environment has the mbstring extension enabled. Avoid using the error suppression operator @ at all costs, as the skill will flag it as a code-quality violation that hinders debugging.

Read Full Documentation on GitHub

Metadata

Author@ivangdavila
Stars2102
Views8
Updated2026-03-06
View Author Profile
AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-ivangdavila-php": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags(AI)

#php#backend#web-development#coding#security
Safety Score: 4/5

Flags: code-execution

Related Skills

Animations

Create performant web animations with proper accessibility and timing.

ivangdavila 2190

Arduino

Develop Arduino projects avoiding common wiring, power, and code pitfalls.

ivangdavila 2190

Bulgarian

Write Bulgarian that sounds human. Not formal, not robotic, not AI-generated.

ivangdavila 2190

Arabic

Write Arabic that sounds human. Not formal, not robotic, not AI-generated.

ivangdavila 2190

Assistant

Manage tasks, communications, and scheduling with proactive and organized support.

ivangdavila 2190