wordpress-pro
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
Full Analysis
- [General Behavior] (SAFE): The skill defines a role for expert WordPress development. It contains no executable code, network operations, or sensitive file access.
- [Prompt Injection] (SAFE): No instructions were found that attempt to bypass safety filters or override system prompts.
- [Data Exposure & Exfiltration] (SAFE): No evidence of hardcoded credentials, sensitive file path access, or unauthorized network communication.
- [Indirect Prompt Injection] (LOW):
- Ingestion points: The skill processes user requirements for WordPress development tasks.
- Boundary markers: None explicitly defined for user-provided data.
- Capability inventory: The skill is designed to generate PHP and JavaScript code for WordPress environments.
- Sanitization: The instructions explicitly mandate the AI to implement sanitization (sanitize_text_field, etc.) and escaping (esc_html, etc.) in the generated code, which is a strong security best practice.
- [Obfuscation] (SAFE): All text is human-readable with no hidden characters, Base64 encoding, or homoglyphs.
Audit Metadata