This covers the essential security patterns you need for PHP applications: input validation, SQL injection prevention, XSS protection, CSRF defense, secure password handling, session security, and file upload protection. It's from thebushidocollective's han repository, which has 165 stars and passes all three security audits. Use this when you're building PHP apps that handle user data, authentication, or payments. The defensive approach is solid, focusing on multiple layers rather than single solutions. Good fit if you want Claude to follow established security practices instead of reinventing protection mechanisms or making assumptions about what's safe in a PHP context.
npx skills add https://github.com/thebushidocollective/han --skill php-security-patterns