blockstudio
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The framework documentation describes installing the core library and its template engine dependencies (Timber, Blade) via Composer. It also includes an automated feature for downloading JavaScript modules from the well-known esm.sh CDN to a local directory when using the npm:import syntax. These are documented architectural features of the framework.
- [COMMAND_EXECUTION]: The documentation provides standard CLI instructions for framework bootstrapping and dependency management using Composer.
- [COMMAND_EXECUTION]: The framework includes a populate feature that uses call_user_func_array to execute PHP functions (such as get_posts or custom functions) defined in the block.json configuration file. This is a primary feature of the framework used for dynamic data population in the WordPress editor.
- [INDIRECT_PROMPT_INJECTION]: The skill processes structured configuration data from block.json, page.json, and blockstudio.json. It also provides a mechanism for fetching external data via URLs. To mitigate risks associated with untrusted data, the documentation explicitly instructs the assistant and developer to use WordPress escaping and sanitization functions (esc_html, wp_kses_post).
- Ingestion points: Block configuration files (block.json), theme settings (blockstudio.json), and external API endpoints via the fetch populate mode.
- Boundary markers: Not explicitly defined in the provided markdown files.
- Capability inventory: Writing and executing PHP/Twig/Blade templates, file system writes for asset minification/SCSS compilation, and network requests via the populate feature.
- Sanitization: Documentation mandates the use of esc_html(), esc_attr(), and wp_kses_post() for all output rendering.
Audit Metadata