wp-block-development
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, NO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8) as it processes project files and utilizes command-execution capabilities. Evidence: (1) Ingestion points: the agent reads local repository files including block.json, PHP, and JavaScript; (2) Boundary markers: no explicit markers or safety instructions are defined for these data inputs; (3) Capability inventory: the skill executes shell commands (node, npm, wp-cli); (4) Sanitization: no specific sanitization logic is described.
- [COMMAND_EXECUTION] (SAFE): Shell commands are used for build and triage tasks consistent with official WordPress development workflows.
- [EXTERNAL_DOWNLOADS] (SAFE): All external tool and package references (e.g., @wordpress/scripts) are directed toward trusted WordPress ecosystem organizations.
- [NO_CODE] (SAFE): The procedure references internal triage and listing scripts that are not present in the provided skill bundle, though their described use is benign.