wordpress-woocommerce-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow and code explicitly ingest untrusted user-generated content (e.g., the AJAX handler handle_ai_product_question in "Phase 5: Store Customization" that reads arbitrary POSTed customer questions, plus ai_check_order_fraud and ai_validate_order in "Phase 3/8" that send checkout/order fields) and feed that content into wp_ai_client_prompt so third-party inputs can influence AI decisions and subsequent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly includes payment gateway integrations and references specific payment tools. Phase 3 ("Payment Integration") directs configuring Stripe and PayPal and includes copy-paste prompts "Use @stripe-integration" and "Use @paypal-integration". These are specific payment gateway integrations (Stripe/PayPal), which meet the "Direct Financial Execution" criteria. It also references payment processing and testing payment flows, reinforcing that the workflow is explicitly designed to handle financial transactions.