wp-block-development

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill references and suggests using packages from the @wordpress npm scope (e.g., @wordpress/scripts, @wordpress/create-block, @wordpress/env). While these are standard for WordPress development, this organization is not on the predefined list of trusted GitHub organizations.
  • [COMMAND_EXECUTION] (LOW): The procedure involves executing shell commands (npm run build, wp-cli) and local Node.js scripts (detect_wp_project.mjs, list_blocks.mjs) that were not provided in the analyzed file set.
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface: The skill is designed to ingest and process files from a WordPress repository (including block.json and PHP/JS source code).
      1. Ingestion points: block.json, .php, and .js files.
      2. Boundary markers: No delimiters or explicit 'ignore instructions' warnings are present in the documentation.
      3. Capability inventory: Filesystem access and execution of bash, node, and wp-cli commands.
      4. Sanitization: No sanitization or validation of the ingested code/metadata is specified.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 05:00 PM