wp-rest-api
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill executes a local utility script (
detect_wp_project.mjs) to identify the target project structure. This is expected behavior for a development-focused skill and does not involve untrusted remote code. - [DATA_EXFILTRATION] (SAFE): There are no indicators of unauthorized file access or network communication with non-whitelisted domains.
- [SAFE] (SAFE): The instructions emphasize mandatory permission checks and data sanitization, aligning with security best practices for the WordPress ecosystem.
Audit Metadata