wordpress-plugin-core

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill references and utilizes external libraries such as 'plugin-update-checker' (YahnisElsts) and WordPress Coding Standards (wp-coding-standards) which are not included in the list of trusted organizations.
  • REMOTE_CODE_EXECUTION (MEDIUM): The 'scripts/scaffold-plugin.sh' script executes 'composer install' for PSR-4 plugins, which downloads and executes code from remote repositories during the installation process.
  • COMMAND_EXECUTION (MEDIUM): The scaffolding script 'scripts/scaffold-plugin.sh' performs multiple file system operations including 'cp', 'mv', and 'sed' on the local host to process templates.
  • PROMPT_INJECTION (LOW): An Indirect Prompt Injection surface is present in 'scripts/scaffold-plugin.sh'.
      1. Ingestion points: Untrusted data enters via 'read -p' prompts for plugin name, slug, and prefix.
      2. Boundary markers: Absent; user input is directly interpolated into shell commands.
      3. Capability inventory: The script can modify files, create directories, and run the composer package manager.
      4. Sanitization: Absent; user-provided variables are used directly in 'sed' commands without escaping or validation, potentially allowing for unintended file modifications.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:02 PM