Skills
skills/automattic/studio/studio-cli/Gen Agent Trust Hub

studio-cli

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of Studio CLI commands and WP-CLI commands within a local PHP WASM environment. This includes site management tasks such as creation, deletion, and configuration changes.
  • [EXTERNAL_DOWNLOADS]: The studio site create command supports a --blueprint option that can fetch site configuration files from external URLs. This is a standard feature for defining WordPress site states.
  • [DATA_EXFILTRATION]: The skill enables uploading local site content to WordPress.com via the studio preview create command to generate temporary preview URLs. This involves sending site data to a well-known external service.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by ingesting data from external Blueprint files or processing site status information.
  • Ingestion points: External URLs provided via the --blueprint flag in SKILL.md.
  • Boundary markers: None provided in the skill instructions to distinguish between data and instructions.
  • Capability inventory: Local file system access (site management) and command execution via wp-cli documented in SKILL.md.
  • Sanitization: No specific sanitization or validation of Blueprint content is defined in the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 02:28 PM