wp-plugin-development
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill provides comprehensive security guidelines for WordPress development, including instructions on implementing nonces for CSRF protection, capability checks for authorization, and proper input/output sanitization and escaping.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a local Node.js script (
scripts/detect_plugins.mjs) to automate the identification of WordPress plugins within the repository. This is a standard development workflow task. - [SAFE]: The script
detect_plugins.mjsperforms read-only operations on local.phpfiles to extract standard WordPress plugin headers. It uses only built-in Node.js modules (fs,path) and contains no network requests, obfuscated code, or unauthorized data access.
Audit Metadata