boilerplate-update
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard development commands such as
git clone,php,composer, andnpm. These are used for cloning the reference boilerplate, running the provided replacement script, and managing dependencies. - [EXTERNAL_DOWNLOADS]: The skill downloads the reference boilerplate from the author's official GitHub repository (
https://github.com/JUVOJustin/wordpress-plugin-boilerplate.git). This is a documented and necessary step for its primary function. - [REMOTE_CODE_EXECUTION]: The skill includes a local PHP script (
scripts/boilerplate-replace.php) used to automate the replacement of boilerplate placeholders with actual plugin values. The script is bundled with the skill and operates on local files within the cloned boilerplate directory. No execution of untrusted remote code was found. - [DATA_EXFILTRATION]: There are no network operations that attempt to send sensitive data to external servers. All network activity is limited to cloning the reference repository and installing standard packages via
composerandnpm. - [PROMPT_INJECTION]: The skill's instructions focus on technical migration steps and do not contain any patterns intended to bypass AI safety guidelines or override system prompts.
Audit Metadata