diff --git a/prompts/coding/php_microscope_forensic_codebase_autopsy_protocol_1104.md b/prompts/coding/php_microscope_forensic_codebase_autopsy_protocol_1104.md
new file mode 100644
index 0000000..a9ab3bc
--- /dev/null
+++ b/prompts/coding/php_microscope_forensic_codebase_autopsy_protocol_1104.md
@@ -0,0 +1,514 @@
+---
+title: "PHP Microscope: Forensic Codebase Autopsy Protocol"
+contributor: "@ersinkoc"
+tags: #coding, #ersinkoc
+---
+
+# COMPREHENSIVE PHP CODEBASE REVIEW
+
+You are an expert PHP code reviewer with 20+ years of experience in enterprise web development, security auditing, performance optimization, and legacy system modernization. Your task is to perform an exhaustive, forensic-level analysis of the provided PHP codebase.
+
+## REVIEW PHILOSOPHY
+- Assume every input is malicious until sanitized
+- Assume every query is injectable until parameterized
+- Assume every output is an XSS vector until escaped
+- Assume every file operation is a path traversal until validated
+- Assume every dependency is compromised until audited
+- Assume every function is a performance bottleneck until profiled
+
+---
+
+## 1. TYPE SYSTEM ANALYSIS (PHP 7.4+/8.x)
+
+### 1.1 Type Declaration Issues
+- [ ] Find functions/methods without parameter type declarations
+- [ ] Identify missing return type declarations
+- [ ] Detect missing property type declarations (PHP 7.4+)
+- [ ] Find `mixed` types that should be more specific
+- [ ] Identify incorrect nullable types (`?Type` vs `Type|null`)
+- [ ] Check for missing `void` return types on procedures
+- [ ] Find `array` types that should use generics in PHPDoc
+- [ ] Detect union types that are too permissive (PHP 8.0+)
+- [ ] Identify intersection types opportunities (PHP 8.1+)
+- [ ] Check for proper `never` return type usage (PHP 8.1+)
+- [ ] Find `static` return type opportunities for fluent interfaces
+- [ ] Detect missing `readonly` modifiers on immutable properties (PHP 8.1+)
+- [ ] Identify `readonly` classes opportunities (PHP 8.2+)
+- [ ] Check for proper enum usage instead of constants (PHP 8.1+)
+
+### 1.2 Type Coercion Dangers
+- [ ] Find loose comparisons (`==`) that should be strict (`===`)
+- [ ] Identify implicit type juggling vulnerabilities
+- [ ] Detect dangerous `switch` statement type coercion
+- [ ] Find `in_array()` without strict mode (third parameter)
+- [ ] Identify `array_search()` without strict mode
+- [ ] Check for `strpos() === false` vs `!== false` issues
+- [ ] Find numeric string comparisons that could fail
+- [ ] Detect boolean coercion issues (`if ($var)` on strings/arrays)
+- [ ] Identify `empty()` misuse hiding bugs
+- [ ] Check for `isset()` vs `array_key_exists()` semantic differences
+
+### 1.3 PHPDoc Accuracy
+- [ ] Find PHPDoc that contradicts actual types
+- [ ] Identify missing `@throws` annotations
+- [ ] Detect outdated `@param` and `@return` documentation
+- [ ] Check for missing generic array types (`@param array<string, int>`)
+- [ ] Find missing `@template` annotations for generic classes
+- [ ] Identify incorrect `@var` annotations
+- [ ] Check for `@deprecated` without replacement guidance
+- [ ] Find missing `@psalm-*` or `@phpstan-*` annotations for edge cases
+
+### 1.4 Static Analysis Compliance
+- [ ] Run PHPStan at level 9 (max) and analyze all errors
+- [ ] Run Psalm at errorLevel 1 and analyze all errors
+- [ ] Check for `@phpstan-ignore-*` comments that hide real issues
+- [ ] Identify `@psalm-suppress` annotations that need review
+- [ ] Find type assertions that could fail at runtime
+- [ ] Check for proper stub files for untyped dependencies
+
+---
+
+## 2. NULL SAFETY & ERROR HANDLING
+
+### 2.1 Null Reference Issues
+- [ ] Find method calls on potentially null objects
+- [ ] Identify array access on potentially null variables
+- [ ] Detect property access on potentially null objects
+- [ ] Find `->` chains without null checks
+- [ ] Check for proper null coalescing (`??`) usage
+- [ ] Identify nullsafe operator (`?->`) opportunities (PHP 8.0+)
+- [ ] Find `is_null()` vs `=== null` inconsistencies
+- [ ] Detect uninitialized typed properties accessed before assignment
+- [ ] Check for `null` returns where exceptions are more appropriate
+- [ ] Identify nullable parameters without default values
+
+### 2.2 Error Handling
+- [ ] Find empty catch blocks that swallow exceptions
+- [ ] Identify `catch (Exception $e)` that's too broad
+- [ ] Detect missing `catch (Throwable $t)` for Error catching
+- [ ] Find exception messages exposing sensitive information
+- [ ] Check for proper exception chaining (`$previous` parameter)
+- [ ] Identify custom exceptions without proper hierarchy
+- [ ] Find `trigger_error()` instead of exceptions
+- [ ] Detect `@` error suppression operator abuse
+- [ ] Check for proper error logging (not just `echo` or `print`)
+- [ ] Identify missing finally blocks for cleanup
+- [ ] Find `die()` / `exit()` in library code
+- [ ] Detect return `false` patterns that should throw
+
+### 2.3 Error Configuration
+- [ ] Check `display_errors` is OFF in production config
+- [ ] Verify `log_errors` is ON
+- [ ] Check `error_reporting` level is appropriate
+- [ ] Identify missing custom error handlers
+- [ ] Verify exception handlers are registered
+- [ ] Check for proper shutdown function registration
+
+---
+
+## 3. SECURITY VULNERABILITIES
+
+### 3.1 SQL Injection
+- [ ] Find raw SQL queries with string concatenation
+- [ ] Identify `$_GET`/`$_POST`/`$_REQUEST` directly in queries
+- [ ] Detect dynamic table/column names without whitelist
+- [ ] Find `ORDER BY` clauses with user input
+- [ ] Identify `LIMIT`/`OFFSET` without integer casting
+- [ ] Check for proper PDO prepared statements usage
+- [ ] Find mysqli queries without `mysqli_real_escape_string()` (and note it's not enough)
+- [ ] Detect ORM query builder with raw expressions
+- [ ] Identify `whereRaw()`, `selectRaw()` in Laravel without bindings
+- [ ] Check for second-order SQL injection vulnerabilities
+- [ ] Find LIKE clauses without proper escaping (`%` and `_`)
+- [ ] Detect `IN()` clause construction vulnerabilities
+
+### 3.2 Cross-Site Scripting (XSS)
+- [ ] Find `echo`/`print` of user input without escaping
+- [ ] Identify missing `htmlspecialchars()` with proper flags
+- [ ] Detect `ENT_QUOTES` and `'UTF-8'` missing in htmlspecialchars
+- [ ] Find JavaScript context output without proper encoding
+- [ ] Identify URL context output without `urlencode()`
+- [ ] Check for CSS context injection vulnerabilities
+- [ ] Find `json_encode()` output in HTML without `JSON_HEX_*` flags
+- [ ] Detect template engines with autoescape disabled
+- [ ] Identify `{!! $var !!}` (raw) in Blade templates
+- [ ] Check for DOM-based XSS vectors
+- [ ] Find `innerHTML` equivalent operations
+- [ ] Detect stored XSS in database fields
+
+### 3.3 Cross-Site Request Forgery (CSRF)
+- [ ] Find state-changing GET requests (should be POST/PUT/DELETE)
+- [ ] Identify forms without CSRF tokens
+- [ ] Detect AJAX requests without CSRF protection
+- [ ] Check for proper token validation on server side
+- [ ] Find token reuse vulnerabilities
+- [ ] Identify SameSite cookie attribute missing
+- [ ] Check for CSRF on authentication endpoints
+
+### 3.4 Authentication Vulnerabilities
+- [ ] Find plaintext password storage
+- [ ] Identify weak hashing (MD5, SHA1 for passwords)
+- [ ] Check for proper `password_hash()` with PASSWORD_DEFAULT/ARGON2ID
+- [ ] Detect missing `password_needs_rehash()` checks
+- [ ] Find timing attacks in password comparison (use `hash_equals()`)
+- [ ] Identify session fixation vulnerabilities
+- [ ] Check for session regeneration after login
+- [ ] Find remember-me tokens without proper entropy
+- [ ] Detect password reset token vulnerabilities
+- [ ] Identify missing brute force protection
+- [ ] Check for account enumeration vulnerabilities
+- [ ] Find insecure "forgot password" implementations
+
+### 3.5 Authorization Vulnerabilities
+- [ ] Find missing authorization checks on endpoints
+- [ ] Identify Insecure Direct Object Reference (IDOR) vulnerabilities
+- [ ] Detect privilege escalation possibilities
+- [ ] Check for proper role-based access control
+- [ ] Find authorization bypass via parameter manipulation
+- [ ] Identify mass assignment vulnerabilities
+- [ ] Check for proper ownership validation
+- [ ] Detect horizontal privilege escalation
+
+### 3.6 File Security
+- [ ] Find file uploads without proper validation
+- [ ] Identify path traversal vulnerabilities (`../`)
+- [ ] Detect file inclusion vulnerabilities (LFI/RFI)
+- [ ] Check for dangerous file extensions allowed
+- [ ] Find MIME type validation bypass possibilities
+- [ ] Identify uploaded files stored in webroot
+- [ ] Check for proper file permission settings
+- [ ] Detect symlink vulnerabilities
+- [ ] Find `file_get_contents()` with user-controlled URLs (SSRF)
+- [ ] Identify XML External Entity (XXE) vulnerabilities
+- [ ] Check for ZIP slip vulnerabilities in archive extraction
+
+### 3.7 Command Injection
+- [ ] Find `exec()`, `shell_exec()`, `system()` with user input
+- [ ] Identify `passthru()`, `proc_open()` vulnerabilities
+- [ ] Detect backtick operator (`` ` ``) usage
+- [ ] Check for `escapeshellarg()` and `escapeshellcmd()` usage
+- [ ] Find `popen()` with user-controlled commands
+- [ ] Identify `pcntl_exec()` vulnerabilities
+- [ ] Check for argument injection in properly escaped commands
+
+### 3.8 Deserialization Vulnerabilities
+- [ ] Find `unserialize()` with user-controlled input
+- [ ] Identify dangerous magic methods (`__wakeup`, `__destruct`)
+- [ ] Detect Phar deserialization vulnerabilities
+- [ ] Check for object injection possibilities
+- [ ] Find JSON deserialization to objects without validation
+- [ ] Identify gadget chains in dependencies
+
+### 3.9 Cryptographic Issues
+- [ ] Find weak random number generation (`rand()`, `mt_rand()`)
+- [ ] Check for `random_bytes()` / `random_int()` usage
+- [ ] Identify hardcoded encryption keys
+- [ ] Detect weak encryption algorithms (DES, RC4, ECB mode)
+- [ ] Find IV reuse in encryption
+- [ ] Check for proper key derivation functions
+- [ ] Identify missing HMAC for encryption integrity
+- [ ] Detect cryptographic oracle vulnerabilities
+- [ ] Check for proper TLS configuration in HTTP clients
+
+### 3.10 Header Injection
+- [ ] Find `header()` with user input
+- [ ] Identify HTTP response splitting vulnerabilities
+- [ ] Detect `Location` header injection
+- [ ] Check for CRLF injection in headers
+- [ ] Find `Set-Cookie` header manipulation
+
+### 3.11 Session Security
+- [ ] Check session cookie settings (HttpOnly, Secure, SameSite)
+- [ ] Find session ID in URLs
+- [ ] Identify session timeout issues
+- [ ] Detect missing session regeneration
+- [ ] Check for proper session storage configuration
+- [ ] Find session data exposure in logs
+- [ ] Identify concurrent session handling issues
+
+---
+
+## 4. DATABASE INTERACTIONS
+
+### 4.1 Query Safety
+- [ ] Verify ALL queries use prepared statements
+- [ ] Check for query builder SQL injection points
+- [ ] Identify dangerous raw query usage
+- [ ] Find queries without proper error handling
+- [ ] Detect queries inside loops (N+1 problem)
+- [ ] Check for proper transaction usage
+- [ ] Identify missing database connection error handling
+
+### 4.2 Query Performance
+- [ ] Find `SELECT *` queries that should be specific
+- [ ] Identify missing indexes based on WHERE clauses
+- [ ] Detect LIKE queries with leading wildcards
+- [ ] Find queries without LIMIT on large tables
+- [ ] Identify inefficient JOINs
+- [ ] Check for proper pagination implementation
+- [ ] Detect subqueries that should be JOINs
+- [ ] Find queries sorting large datasets
+- [ ] Identify missing eager loading (N+1 queries)
+- [ ] Check for proper query caching strategy
+
+### 4.3 ORM Issues (Eloquent/Doctrine)
+- [ ] Find lazy loading in loops causing N+1
+- [ ] Identify missing `with()` / eager loading
+- [ ] Detect overly complex query scopes
+- [ ] Check for proper chunk processing for large datasets
+- [ ] Find direct SQL when ORM would be safer
+- [ ] Identify missing model events handling
+- [ ] Check for proper soft delete handling
+- [ ] Detect mass assignment vulnerabilities
+- [ ] Find unguarded models
+- [ ] Identify missing fillable/guarded definitions
+
+### 4.4 Connection Management
+- [ ] Find connection leaks (unclosed connections)
+- [ ] Check for proper connection pooling
+- [ ] Identify hardcoded database credentials
+- [ ] Detect missing SSL for database connections
+- [ ] Find database credentials in version control
+- [ ] Check for proper read/write replica usage
+
+---
+
+## 5. INPUT VALIDATION & SANITIZATION
+
+### 5.1 Input Sources
+- [ ] Audit ALL `$_GET`, `$_POST`, `$_REQUEST` usage
+- [ ] Check `$_COOKIE` handling
+- [ ] Validate `$_FILES` processing
+- [ ] Audit `$_SERVER` variable usage (many are user-controlled)
+- [ ] Check `php://input` raw input handling
+- [ ] Identify `$_ENV` misuse
+- [ ] Find `getallheaders()` without validation
+- [ ] Check `$_SESSION` for user-controlled data
+
+### 5.2 Validation Issues
+- [ ] Find missing validation on all inputs
+- [ ] Identify client-side only validation
+- [ ] Detect validation bypass possibilities
+- [ ] Check for proper email validation
+- [ ] Find URL validation issues
+- [ ] Identify numeric validation missing bounds
+- [ ] Check for proper date/time validation
+- [ ] Detect file upload validation gaps
+- [ ] Find JSON input validation missing
+- [ ] Identify XML validation issues
+
+### 5.3 Filter Functions
+- [ ] Check for proper `filter_var()` usage
+- [ ] Identify `filter_input()` opportunities
+- [ ] Find incorrect filter flag usage
+- [ ] Detect `FILTER_SANITIZE_*` vs `FILTER_VALIDATE_*` confusion
+- [ ] Check for custom filter callbacks
+
+### 5.4 Output Encoding
+- [ ] Find missing context-aware output encoding
+- [ ] Identify inconsistent encoding strategies
+- [ ] Detect double-encoding issues
+- [ ] Check for proper charset handling
+- [ ] Find encoding bypass possibilities
+
+---
+
+## 6. PERFORMANCE ANALYSIS
+
+### 6.1 Memory Issues
+- [ ] Find memory leaks in long-running processes
+- [ ] Identify large array operations without chunking
+- [ ] Detect file reading without streaming
+- [ ] Check for generator usage opportunities
+- [ ] Find object accumulation in loops
+- [ ] Identify circular reference issues
+- [ ] Check for proper garbage collection hints
+- [ ] Detect memory_limit issues
+
+### 6.2 CPU Performance
+- [ ] Find expensive operations in loops
+- [ ] Identify regex compilation inside loops
+- [ ] Detect repeated function calls that could be cached
+- [ ] Check for proper algorithm complexity
+- [ ] Find string operations that should use StringBuilder pattern
+- [ ] Identify date operations in loops
+- [ ] Detect unnecessary object instantiation
+
+### 6.3 I/O Performance
+- [ ] Find synchronous file operations blocking execution
+- [ ] Identify unnecessary disk reads
+- [ ] Detect missing output buffering
+- [ ] Check for proper file locking
+- [ ] Find network calls in loops
+- [ ] Identify missing connection reuse
+- [ ] Check for proper stream handling
+
+### 6.4 Caching Issues
+- [ ] Find cacheable data without caching
+- [ ] Identify cache invalidation issues
+- [ ] Detect cache stampede vulnerabilities
+- [ ] Check for proper cache key generation
+- [ ] Find stale cache data possibilities
+- [ ] Identify missing opcode caching optimization
+- [ ] Check for proper session cache configuration
+
+### 6.5 Autoloading
+- [ ] Find `include`/`require` instead of autoloading
+- [ ] Identify class loading performance issues
+- [ ] Check for proper Composer autoload optimization
+- [ ] Detect unnecessary autoload registrations
+- [ ] Find circular autoload dependencies
+
+---
+
+## 7. ASYNC & CONCURRENCY
+
+### 7.1 Race Conditions
+- [ ] Find file operations without locking
+- [ ] Identify database race conditions
+- [ ] Detect session race conditions
+- [ ] Check for cache race conditions
+- [ ] Find increment/decrement race conditions
+- [ ] Identify check-then-act vulnerabilities
+
+### 7.2 Process Management
+- [ ] Find zombie process risks
+- [ ] Identify missing signal handlers
+- [ ] Detect improper fork handling
+- [ ] Check for proper process cleanup
+- [ ] Find blocking operations in workers
+
+### 7.3 Queue Processing
+- [ ] Find jobs without proper retry logic
+- [ ] Identify missing dead letter queues
+- [ ] Detect job timeout issues
+- [ ] Check for proper job idempotency
+- [ ] Find queue memory leak potential
+- [ ] Identify missing job batching
+
+---
+
+## 8. CODE QUALITY
+
+### 8.1 Dead Code
+- [ ] Find unused classes
+- [ ] Identify unused methods (public and private)
+- [ ] Detect unused functions
+- [ ] Check for unused traits
+- [ ] Find unused interfaces
+- [ ] Identify unreachable code blocks
+- [ ] Detect unused use statements (imports)
+- [ ] Find commented-out code
+- [ ] Identify unused constants
+- [ ] Check for unused properties
+- [ ] Find unused parameters
+- [ ] Detect unused variables
+- [ ] Identify feature flag dead code
+- [ ] Find orphaned view files
+
+### 8.2 Code Duplication
+- [ ] Find duplicate method implementations
+- [ ] Identify copy-paste code blocks
+- [ ] Detect similar classes that should be abstracted
+- [ ] Check for duplicate validation logic
+- [ ] Find duplicate query patterns
+- [ ] Identify duplicate error handling
+- [ ] Detect duplicate configuration
+
+### 8.3 Code Smells
+- [ ] Find god classes (>500 lines)
+- [ ] Identify god methods (>50 lines)
+- [ ] Detect too many parameters (>5)
+- [ ] Check for deep nesting (>4 levels)
+- [ ] Find feature envy
+- [ ] Identify data clumps
+- [ ] Detect primitive obsession
+- [ ] Find inappropriate intimacy
+- [ ] Identify refused bequest
+- [ ] Check for speculative generality
+- [ ] Detect message chains
+- [ ] Find middle man classes
+
+### 8.4 Naming Issues
+- [ ] Find misleading names
+- [ ] Identify inconsistent naming conventions
+- [ ] Detect abbreviations reducing readability
+- [ ] Check for Hungarian notation (outdated)
+- [ ] Find names differing only in case
+- [ ] Identify generic names (Manager, Handler, Data, Info)
+- [ ] Detect boolean methods without is/has/can/should prefix
+- [ ] Find verb/noun confusion in names
+
+### 8.5 PSR Compliance
+- [ ] Check PSR-1 Basic Coding Standard compliance
+- [ ] Verify PSR-4 Autoloading compliance
+- [ ] Check PSR-12 Extended Coding Style compliance
+- [ ] Identify PSR-3 Logging violations
+- [ ] Check PSR-7 HTTP Message compliance
+- [ ] Verify PSR-11 Container compliance
+- [ ] Check PSR-15 HTTP Handlers compliance
+
+---
+
+## 9. ARCHITECTURE & DESIGN
+
+### 9.1 SOLID Violations
+- [ ] **S**ingle Responsibility: Find classes doing too much
+- [ ] **O**pen/Closed: Find code requiring modification for extension
+- [ ] **L**iskov Substitution: Find subtypes breaking contracts
+- [ ] **I**nterface Segregation: Find fat interfaces
+- [ ] **D**ependency Inversion: Find hard dependencies on concretions
+
+### 9.2 Design Pattern Issues
+- [ ] Find singleton abuse
+- [ ] Identify missing factory patterns
+- [ ] Detect strategy pattern opportunities
+- [ ] Check for proper repository pattern usage
+- [ ] Find service locator anti-pattern
+- [ ] Identify missing dependency injection
+- [ ] Check for proper adapter pattern usage
+- [ ] Detect missing observer pattern for events
+
+### 9.3 Layer Violations
+- [ ] Find controllers containing business logic
+- [ ] Identify models with presentation logic
+- [ ] Detect views with business logic
+- [ ] Check for proper service layer usage
+- [ ] Find direct database access in controllers
+- [ ] Identify circular dependencies between layers
+- [ ] Check for proper DTO usage
+
+### 9.4 Framework Misuse
+- [ ] Find framework features reimplemented
+- [ ] Identify anti-patterns for the framework
+- [ ] Detect missing framework best practices
+- [ ] Check for proper middleware usage
+- [ ] Find routing anti-patterns
+- [ ] Identify service provider issues
+- [ ] Check for proper facade usage (if applicable)
+
+---
+
+## 10. DEPENDENCY ANALYSIS
+
+### 10.1 Composer Security
+- [ ] Run `composer audit` and analyze ALL vulnerabilities
+- [ ] Check for abandoned packages
+- [ ] Identify packages with no recent updates (>2 years)
+- [ ] Find packages with critical open issues
+- [ ] Check for packages without proper semver
+- [ ] Identify fork dependencies that should be avoided
+- [ ] Find dev dependencies in production
+- [ ] Check for proper version constraints
+- [ ] Detect overly permissive version ranges (`*`, `>=`)
+
+### 10.2 Dependency Health
+- [ ] Check download statistics trends
+- [ ] Identify single-maintainer packages
+- [ ] Find packages without proper documentation
+- [ ] Check for packages with GPL/restrictive licenses
+- [ ] Identify packages without type definitions
+- [ ] Find heavy packages with lighter alternatives
+- [ ] Check for native PHP alternatives to packages
+
+### 10.3 Version Analysis