wp-block-themes

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • COMMAND_EXECUTION (LOW): The skill instructions call for the execution of local scripts using node, such as skills/wp-project-triage/scripts/detect_wp_project.mjs and skills/wp-block-themes/scripts/detect_block_themes.mjs. It also utilizes WP-CLI for certain workflows. These are standard operations for a development-focused agent but rely on the integrity of the local script environment.
  • PROMPT_INJECTION (MEDIUM): The skill is susceptible to Indirect Prompt Injection (Category 8) as it processes untrusted data from the user repository.
      1. Ingestion points: The skill reads content from theme.json, templates/*.html, parts/*.html, and patterns/*.php.
      2. Boundary markers: No delimiters or instructions to ignore embedded commands are specified in the prompt logic.
      3. Capability inventory: The agent has the power to write to the file system and execute local scripts/WP-CLI based on interpreted data.
      4. Sanitization: There is no mention of validating or sanitizing the content of the theme files before processing them.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 09:11 AM