wordpress
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation resource for open-source contribution. All external links target official WordPress domains (wordpress.org, make.wordpress.org) which are recognized as safe, well-known services.
- [SAFE]: Remote repository access is limited to the official WordPress development repository on GitHub (
github.com/WordPress/wordpress-develop.git), which is a trusted organization. No untrusted third-party code is downloaded or executed. - [SAFE]: The skill provides examples of configuration files (e.g.,
wp-tests-config.php) containing default local development credentials (rootuser, empty password,localhost). These are standard placeholders for local environments and do not represent a leak of sensitive credentials. - [SAFE]: The content explicitly instructs users on security best practices, including the use of
$wpdb->prepare()for SQL injection prevention,esc_html()andesc_url()for XSS prevention, and nonces for CSRF protection.
Audit Metadata