wp-playground
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the WordPress Playground CLI using
npx @wp-playground/cli, which is a standard method for running this official utility. - [EXTERNAL_DOWNLOADS]: Fetches configuration schemas, themes, and plugins from well-known WordPress domains such as wordpress.org and wordpress.net.
- [REMOTE_CODE_EXECUTION]: Supports the execution of PHP code and scripted setup routines defined in JSON blueprints through the
runPHPandrun-blueprintcommands. - [PROMPT_INJECTION]: Vulnerable to indirect prompt injection if the agent processes data from external blueprints or plugins.
- Ingestion points: Remote blueprints fetched via URL (
--blueprint=<url>) and external plugin/theme ZIP files inreferences/blueprints.md. - Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the processed WordPress site data.
- Capability inventory: The toolset allows for PHP execution, filesystem modification (
writeFile), and network operations within the Playground environment. - Sanitization: No explicit sanitization or filtering of content retrieved from the WordPress instance is described before it reaches the agent's context.
Audit Metadata