wp-plugin-dev
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill incorporates comprehensive security directives, mandating the use of WordPress-specific sanitization (e.g., sanitize_text_field) and escaping (e.g., esc_html) functions for all data handling operations, which effectively mitigates common web vulnerabilities like Cross-Site Scripting (XSS).
- [SAFE]: All database interaction patterns provided in the architectural references require the use of prepared statements ($wpdb->prepare), ensuring protection against SQL injection attacks in any generated plugin code.
- [SAFE]: The skill strictly follows the WordPress.org plugin directory guidelines, prohibiting obfuscated code, unauthorized tracking, and external executable code, while promoting the use of bundled core libraries.
- [SAFE]: No evidence of prompt injection, unauthorized network communication, or credential harvesting was found; the delivery mechanism is restricted to a standard output path for generated files.
Audit Metadata