wordpress-pro
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of high-quality documentation and code templates for WordPress theme and plugin development. No malicious behavior, obfuscation, or unauthorized data access patterns were identified.
- [COMMAND_EXECUTION]: The documentation references standard developer tools such as
wp-cli,composer, andnpx @wordpress/create-block. These tools are used for legitimate project initialization and maintenance within the developer's environment. - [EXTERNAL_DOWNLOADS]: The
UpdateCheckerclass example demonstrates a self-hosted plugin update mechanism usingwp_remote_getwith a placeholder URL (https://example.com). This is a standard and acceptable pattern for private WordPress plugin development. - [REMOTE_CODE_EXECUTION]: No remote code execution vulnerabilities were found. The skill emphasizes secure coding practices, such as the use of prepared statements with
$wpdb->prepareand the implementation of WordPress nonces to prevent CSRF.
Audit Metadata