skills/soderlind/skills/wp-pcp-local/Gen Agent Trust Hub

wp-pcp-local

Pass

Audited by Gen Agent Trust Hub on Jul 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a wrapper for WordPress plugin verification. It follows secure coding practices, such as using bash arrays for command execution and quoting variables to prevent shell injection. No malicious patterns, prompt injections, or unauthorized data access were detected.
  • [COMMAND_EXECUTION]: The script interacts with the local environment by executing WP-CLI and specific PHP/MySQL binaries located within the 'Local by Flywheel' application support folders. This is necessary for the skill's primary purpose of running WordPress-specific CLI tools within the context of a local development site.
  • [EXTERNAL_DOWNLOADS]: The documentation refers to the official WordPress.org plugin repository for the 'Plugin Check' dependency. This is a well-known and trusted source for WordPress software.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 15, 2026, 04:12 PM