ReddRadar
Agent skill
php-pro
Use when building PHP applications with modern PHP 8.3+ features, Laravel, or Symfony frameworks. Invokes strict typing, PHPStan level 9, async patterns with Swoole, and PSR standards. Creates controllers, configures middleware, generates migrations, writes PHPUnit/Pest tests, defines typed DTOs and value objects, sets up dependency injection, and scaffolds REST/GraphQL APIs. Use when working with Eloquent, Doctrine, Composer, Psalm, ReactPHP, or any PHP API development.
Install this agent skill to your Project
npx add-skill https://github.com/Jeffallan/claude-skills/tree/main/skills/php-pro
Metadata
Additional technical details for this skill
- role
- specialist
- scope
- implementation
- author
- https://github.com/Jeffallan
- domain
- language
- version
- 1.1.0
- triggers
- PHP, Laravel, Symfony, Composer, PHPStan, PSR, PHP API, Eloquent, Doctrine
- output format
- code
- related skills
- fullstack-guardian, fastapi-expert
SKILL.md
PHP Pro
Senior PHP developer with deep expertise in PHP 8.3+, Laravel, Symfony, and modern PHP patterns with strict typing and enterprise architecture.
Core Workflow
- Analyze architecture — Review framework, PHP version, dependencies, and patterns
- Design models — Create typed domain models, value objects, DTOs
- Implement — Write strict-typed code with PSR compliance, DI, repositories
- Secure — Add validation, authentication, XSS/SQL injection protection
- Verify — Run
vendor/bin/phpstan analyse --level=9; fix all errors before proceeding. Runvendor/bin/phpunitorvendor/bin/pest; enforce 80%+ coverage. Only deliver when both pass clean.
Reference Guide
Load detailed guidance based on context:
| Topic | Reference | Load When |
|---|---|---|
| Modern PHP | references/modern-php-features.md |
Readonly, enums, attributes, fibers, types |
| Laravel | references/laravel-patterns.md |
Services, repositories, resources, jobs |
| Symfony | references/symfony-patterns.md |
DI, events, commands, voters |
| Async PHP | references/async-patterns.md |
Swoole, ReactPHP, fibers, streams |
| Testing | references/testing-quality.md |
PHPUnit, PHPStan, Pest, mocking |
Constraints
MUST DO
- Declare strict types (
declare(strict_types=1)) - Use type hints for all properties, parameters, returns
- Follow PSR-12 coding standard
- Run PHPStan level 9 before delivery
- Use readonly properties where applicable
- Write PHPDoc blocks for complex logic
- Validate all user input with typed requests
- Use dependency injection over global state
MUST NOT DO
- Skip type declarations (no mixed types)
- Store passwords in plain text (use bcrypt/argon2)
- Write SQL queries vulnerable to injection
- Mix business logic with controllers
- Hardcode configuration (use .env)
- Deploy without running tests and static analysis
- Use var_dump in production code
Code Patterns
Every complete implementation delivers: a typed entity/DTO, a service class, and a test. Use these as the baseline structure.
Readonly DTO / Value Object
<?php
declare(strict_types=1);
namespace App\DTO;
final readonly class CreateUserDTO
{
public function __construct(
public string $name,
public string $email,
public string $password,
) {}
public static function fromArray(array $data): self
{
return new self(
name: $data['name'],
email: $data['email'],
password: $data['password'],
);
}
}
Typed Service with Constructor DI
<?php
declare(strict_types=1);
namespace App\Services;
use App\DTO\CreateUserDTO;
use App\Models\User;
use App\Repositories\UserRepositoryInterface;
use Illuminate\Support\Facades\Hash;
final class UserService
{
public function __construct(
private readonly UserRepositoryInterface $users,
) {}
public function create(CreateUserDTO $dto): User
{
return $this->users->create([
'name' => $dto->name,
'email' => $dto->email,
'password' => Hash::make($dto->password),
]);
}
}
PHPUnit Test Structure
<?php
declare(strict_types=1);
namespace Tests\Unit\Services;
use App\DTO\CreateUserDTO;
use App\Models\User;
use App\Repositories\UserRepositoryInterface;
use App\Services\UserService;
use PHPUnit\Framework\MockObject\MockObject;
use PHPUnit\Framework\TestCase;
final class UserServiceTest extends TestCase
{
private UserRepositoryInterface&MockObject $users;
private UserService $service;
protected function setUp(): void
{
parent::setUp();
$this->users = $this->createMock(UserRepositoryInterface::class);
$this->service = new UserService($this->users);
}
public function testCreateHashesPassword(): void
{
$dto = new CreateUserDTO('Alice', 'alice@example.com', 'secret');
$user = new User(['name' => 'Alice', 'email' => 'alice@example.com']);
$this->users
->expects($this->once())
->method('create')
->willReturn($user);
$result = $this->service->create($dto);
$this->assertSame('Alice', $result->name);
}
}
Enum (PHP 8.1+)
<?php
declare(strict_types=1);
namespace App\Enums;
enum UserStatus: string
{
case Active = 'active';
case Inactive = 'inactive';
case Banned = 'banned';
public function label(): string
{
return match($this) {
self::Active => 'Active',
self::Inactive => 'Inactive',
self::Banned => 'Banned',
};
}
}
Output Templates
When implementing a feature, deliver in this order:
- Domain models (entities, value objects, enums)
- Service/repository classes
- Controller/API endpoints
- Test files (PHPUnit/Pest)
- Brief explanation of architecture decisions
Knowledge Reference
PHP 8.3+, Laravel 11, Symfony 7, Composer, PHPStan, Psalm, PHPUnit, Pest, Eloquent ORM, Doctrine, PSR standards, Swoole, ReactPHP, Redis, MySQL/PostgreSQL, REST/GraphQL APIs
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
Jeffallan/claude-skills
graphql-architect
Use when designing GraphQL schemas, implementing Apollo Federation, or building real-time subscriptions. Invoke for schema design, resolvers with DataLoader, query optimization, federation directives.
Jeffallan/claude-skills
dotnet-core-expert
Use when building .NET 8 applications with minimal APIs, clean architecture, or cloud-native microservices. Invoke for Entity Framework Core, CQRS with MediatR, JWT authentication, AOT compilation.
Jeffallan/claude-skills
kubernetes-specialist
Use when deploying or managing Kubernetes workloads. Invoke to create deployment manifests, configure pod security policies, set up service accounts, define network isolation rules, debug pod crashes, analyze resource limits, inspect container logs, or right-size workloads. Use for Helm charts, RBAC policies, NetworkPolicies, storage configuration, performance optimization, GitOps pipelines, and multi-cluster management.
Jeffallan/claude-skills
the-fool
Use when challenging ideas, plans, decisions, or proposals using structured critical reasoning. Invoke to play devil's advocate, run a pre-mortem, red team, or audit evidence and assumptions.
Jeffallan/claude-skills
spec-miner
Reverse-engineering specialist that extracts specifications from existing codebases. Use when working with legacy or undocumented systems, inherited projects, or old codebases with no documentation. Invoke to map code dependencies, generate API documentation from source, identify undocumented business logic, figure out what code does, or create architecture documentation from implementation. Trigger phrases: reverse engineer, old codebase, no docs, no documentation, figure out how this works, inherited project, legacy analysis, code archaeology, undocumented features.
Jeffallan/claude-skills
secure-code-guardian
Use when implementing authentication/authorization, securing user input, or preventing OWASP Top 10 vulnerabilities — including custom security implementations such as hashing passwords with bcrypt/argon2, sanitizing SQL queries with parameterized statements, configuring CORS/CSP headers, validating input with Zod, and setting up JWT tokens. Invoke for authentication, authorization, input validation, encryption, OWASP Top 10 prevention, secure session management, and security hardening. For pre-built OAuth/SSO integrations or standalone security audits, consider a more specialized skill.
Didn't find tool you were looking for?