wp-project-triage
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs local filesystem scanning to identify WordPress project structures (themes, plugins, core). It uses deterministic string matching and regex to extract non-sensitive configuration flags from files like wp-config.php and package.json.
- [SAFE]: No network operations, credential exfiltration, or external downloads were detected. All filesystem access is restricted to the current working directory using a depth-limited recursive search.
- [SAFE]: The code does not use dynamic execution (eval/exec) or complex obfuscation. It uses standard Node.js APIs for file and path management.
Audit Metadata