In field_group_field_group_to_hook_code(), check_plain() is used to "sanitize" strings for PHP.
It would be better / more robust to use var_export() instead.
The check_plain() is in safe, because every single quote is replaced with "'".
It also does not usually mess up the string, because it is only used for group machine names.
However, check_plain(), which uses htmlspecialchars(), is designed for HTML, not for PHP code generation.
Better to use var_export().
Closed: won't fix
1.0
Miscellaneous
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.