design-to-wp-block
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Fetches design context and screenshots from Figma. Figma is a well-known service, and this operation is necessary for the skill's core functionality.
- [COMMAND_EXECUTION]: Includes local
ddevcommands for theme building and cache management. These are standard operations within a controlled local development environment. - [PROMPT_INJECTION]: As the skill processes untrusted external design data (images or Figma files), it is susceptible to indirect prompt injection. The skill mitigates risks to the final application by instructing the agent to use standard WordPress escaping functions in the generated PHP templates.
Audit Metadata