wordpress-publisher

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This skill explicitly asks the user for an application password and shows code that embeds the password directly in constructor/API calls and test requests, which requires the LLM to handle and potentially output the secret verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches and ingests content from external WordPress sites via the REST API (e.g., loading categories with get_categories_with_details, fetching preview pages with fetch_preview/get_post/verify_published_post as shown in SKILL.md and scripts/wp_publisher.py Step 2/Step 5/Step 7), treating that untrusted site content as input for category/tag selection, preview validation, and publish decisions — which could allow indirect instructions from third-party content to influence actions.