WordPress REST API CLI

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed WordPress automation CLI that uses user-provided credentials to manage WordPress content, with no evidence of hidden persistence, exfiltration, or destructive behavior outside that purpose.

Install only if you intend to let an agent operate a WordPress site. Use a dedicated low-privilege WordPress application password, prefer draft workflows, and require human review before publishing, deleting content, reading user data, or using the raw request command.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 92% confidence
Finding: The skill explicitly relies on environment variables for credentials and performs network access to a remote WordPress instance, but it does not declare those capabilities as permissions. Undeclared env and network access reduces transparency and weakens policy enforcement, which can lead to unintended credential exposure or unauthorized outbound requests when the skill is executed in an agent environment.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal