The Agent Skills Directory

[SAFE]: The skill consists of natural language instructions and benign PHP/HTML code examples intended for theme development. No malicious patterns such as credential harvesting, data exfiltration, or unauthorized command execution were identified.
[SAFE]: External links reference official and reputable developer resources, including Advanced Custom Fields documentation, Tailwind CSS installation guides, and the WordPress Theme Handbook.
[PROMPT_INJECTION]: The skill includes instructional constraints intended to guide the agent's behavior during conversion (e.g., 'No alterations to layout', 'No fixes are allowed during this phase'). These are standard task-specific instructions and do not attempt to bypass core safety guardrails or extract system prompts.
[DATA_EXPOSURE]: The skill does not access sensitive local file paths or attempt to exfiltrate data. It focuses on standard project files like header.php, footer.php, and React component files.
[INDIRECT_PROMPT_INJECTION]: The skill possesses an ingestion surface as it is designed to process external codebase data (React/HTML). While this represents a potential vector for instructions hidden in source code comments, the skill lacks high-privilege capabilities (like network access or arbitrary shell execution) that would make such an injection high-risk. This behavior is inherent to the skill's primary purpose of codebase conversion.

codebase-to-wordpress-converter