wpds
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill instructs the agent to use lint scripts provided by the local project context to validate proposed code. This is a standard developer-tooling capability intended for code quality and does not involve arbitrary or hidden command execution.
- DATA_EXFILTRATION (SAFE): There are no indicators of unauthorized network requests or access to sensitive credentials. The network operations are restricted to the WPDS MCP server using custom URI schemes (wpds://).
- PROMPT_INJECTION (SAFE): The instructions contain directives for documentation precedence ("take the absolute precedence"). While strong, these are functional requirements for maintaining design system consistency and do not attempt to override the AI's core safety protocols or extract system prompts.
- REMOTE_CODE_EXECUTION (SAFE): The skill references standard WordPress component libraries (@wordpress/components, @wordpress/ui) but does not perform automated installation or execution of untrusted remote scripts.
Audit Metadata