Blueprint

• Setup
• Usage
  • Writing a Blueprint
  • Running a security audit

A Laravel Boost extension that helps AI agents produce accurate, detailed implementation plans for Filament.

You can find out more about AI-assisted development with Blueprint in our documentation.

#Setup

First, install Blueprint using Composer:

composer config repositories.filament composer https://packages.filamentphp.com/composer
composer config --auth http-basic.packages.filamentphp.com "YOUR_EMAIL_ADDRESS" "YOUR_LICENSE_KEY"
composer require filament/blueprint --dev

Then run the Boost installer and select the Guidelines and Skills for Filament and Filament Blueprint when prompted:

php artisan boost:install

To verify installation, check your AGENTS.md, CLAUDE.md, or similar file for a new Filament Blueprint section.

#Usage

#Writing a Blueprint

1. Enable planning mode in your AI agent (Claude Code, Cursor, etc.)
2. Ask the agent to create a Filament Blueprint for your feature

Example prompt:

Create a Filament Blueprint for an order management system.

Orders belong to customers and have many order items. Each order has a status
(pending, confirmed, shipped, delivered, cancelled), shipping address, and
optional notes. Order items reference products with quantity and unit price.

I need to search orders by customer name and filter by status and date range.
The order form should calculate line totals automatically as items are added.
Only admins can delete orders, and orders can only be cancelled if not yet shipped.

The agent will produce a detailed specification document ready for direct implementation, no guessing required.

#Running a security audit

Blueprint also ships a Filament Security Audit skill that scans a Filament codebase against a catalogue of known security misconfigurations (authorization, file uploads, XSS, query scoping, dependency CVEs, etc.) and writes a per-finding remediation plan — every entry names the exact file, component namespace, docs URL, and pasteable fix so an implementing agent can apply it without guessing.

Naming the skill explicitly in your prompt is the most reliable way to invoke it. The skill also responds to the keywords security-audit, security-review, harden, and pen-test when paired with a target like a panel, resource, page, or Livewire component.

Example prompt:

Using the filament-security-audit skill, audit the admin panel and write
the remediation plan to SECURITY_AUDIT.md.

The agent will produce a Markdown report grouped by finding category, plus a table of every check performed (Finding / Pass / N/A) and recommended tests for each confirmed issue.