wp-rest-api

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes a local Node.js script during the triage phase: node skills/wp-project-triage/scripts/detect_wp_project.mjs. This script is used to identify the WordPress project structure and entry points, which is a functional requirement for the skill's operation.
  • [PROMPT_INJECTION]: The skill is designed to analyze and modify external WordPress codebases, which constitutes an indirect prompt injection surface (Category 8). Malicious instructions could be embedded within the files being processed to influence the agent's behavior.
    • Ingestion points: WordPress repository files (plugins, themes, mu-plugins) accessed at runtime via the filesystem.
    • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified for the agent when reading target files.
    • Capability inventory: The skill can execute local triage scripts and is intended to create or modify PHP files within the WordPress environment.
    • Sanitization: The instructions recommend implementing core WordPress sanitization and validation functions (e.g., rest_validate_value_from_schema) for the code the agent produces, which mitigates risks within the generated application code.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 06:39 AM