wordpress-setup

Warn

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses sudo to move the WP-CLI binary into the /usr/local/bin system directory, which requires elevated administrative privileges.
  • [COMMAND_EXECUTION]: Configuration patterns for SSH aliases include the -o StrictHostKeyChecking=no flag. This disables the verification of the remote host's identity, increasing susceptibility to Man-in-the-Middle (MitM) attacks.
  • [EXTERNAL_DOWNLOADS]: The skill fetches the WP-CLI Phar executable from the official wp-cli repository on GitHub.
  • [EXTERNAL_DOWNLOADS]: The skill installs the wp-cli/ssh-command package from the official WP-CLI package registry to enable remote management capabilities.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from external WordPress sites (such as post titles and user lists) which could contain malicious instructions.
      • Ingestion points: SKILL.md (Step 4, Step 2 Option B) and references/wp-cli-essentials.md (Diagnostic Commands).
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the workflows.
      • Capability inventory: The skill has access to shell commands (wp), network operations (curl), and privilege escalation (sudo).
      • Sanitization: There is no evidence of sanitization or validation performed on the data retrieved from the WordPress sites before it is processed by the agent.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 20, 2026, 05:52 AM