Skills
skills/1teamsoftware/skills/gutenberg-previewer/Gen Agent Trust Hub

gutenberg-previewer

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell and batch scripts (preview.sh, preview.bat) to manage local files and directories.
  • [COMMAND_EXECUTION]: It uses npx to run the WordPress Playground CLI, enabling a local web server with auto-login capabilities.
  • [EXTERNAL_DOWNLOADS]: The skill fetches the @wp-playground/cli package from the official NPM registry to facilitate the local server setup.
  • [EXTERNAL_DOWNLOADS]: It provides instructions to install the wp-block-development skill from the official WordPress agent-skills repository on GitHub (https://github.com/wordpress/agent-skills).
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8).
  • Ingestion points: The scripts preview.sh and preview.bat read an arbitrary input file provided by the user or agent.
  • Boundary markers: No boundary markers or instructions are provided to the browser agent to ignore embedded instructions within the rendered content.
  • Capability inventory: The skill possesses the ability to execute shell commands, write to the local filesystem, and invoke a browser subagent to interact with the local server.
  • Sanitization: No sanitization or escaping is performed on the input file's content before it is concatenated into the WordPress theme's index.html file.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 10:08 PM