The Agent Skills Directory

[SAFE]: No evidence of prompt injection, data exfiltration, or persistence mechanisms was found in the skill instructions or reference files.\n- [SAFE]: The instructions mandate the use of WordPress-specific security functions (e.g., wp_verify_nonce, sanitize_text_field, esc_html) and prepared statements ($wpdb->prepare) for all database interactions to prevent common vulnerabilities like CSRF and SQL injection.\n- [SAFE]: The database backup implementation example in the security reference includes proper security measures, such as generating .htaccess files to prevent public access to sensitive data.\n- [SAFE]: External dependencies and remote communication patterns identified (e.g., @wordpress/scripts and example.com update checkers) are standard for WordPress development and pose no security risk as documented.

wordpress-pro