WordPress API Pro

Review

Audited by ClawScan on May 5, 2026.

Overview

This appears to be a coherent WordPress management skill, but it legitimately needs site credentials and can change live WordPress or WooCommerce content.

Install only if you want an agent to manage WordPress content for sites you control. Use a dedicated least-privilege application password, verify the WordPress URL is the intended HTTPS site, keep any local config file private, run dry-runs before batch changes, and approve exact IDs, fields, and publish status before live writes.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used incorrectly, the skill can create or modify visible website content.

Why it was flagged

The script can create WordPress content through an authenticated POST request, including non-draft statuses when requested.

Skill content

data = {'title': title, 'content': content, 'status': status}
...
request = urllib.request.Request(api_url, data=json.dumps(data).encode('utf-8'), method='POST')

Recommendation

Confirm the exact site, post or product IDs, fields, and final status before allowing any write; prefer drafts unless publication is explicitly approved.

What this means

A credential with too much WordPress authority could let the agent change more site content than intended.

Why it was flagged

The skill uses WordPress account credentials/application passwords for authenticated API access.

Skill content

export WP_USERNAME="wp-api-user"
read -rs WP_APP_PASSWORD
export WP_APP_PASSWORD

Recommendation

Use a dedicated least-privilege WordPress application password, prefer HTTPS-only site URLs, and revoke or rotate the credential after use.

What this means

A mistaken batch command could propagate the same change across many posts or sites.

Why it was flagged

Batch updates can affect multiple posts and sites once explicitly executed; the script includes dry-run and all-site gates, plus an optional confirmation-skip flag.

Skill content

parser.add_argument('--execute', action='store_true' ...)
parser.add_argument('--allow-all', action='store_true' ...)
parser.add_argument('--yes', action='store_true', help='Skip interactive confirmation when using --execute')

Recommendation

Run batch operations in dry-run mode first, avoid `--yes` unless approval has already been captured, and use `--allow-all` only for explicitly approved all-site changes.

What this means

Installing dependencies without pinning can introduce normal package-supply-chain risk.

Why it was flagged

Some scripts depend on the third-party `requests` package, and the README gives an unpinned manual install command.

Skill content

`requests` for plugin integration scripts: `pip install requests`

Recommendation

Install dependencies from trusted package indexes and consider pinning or reviewing dependency versions in controlled environments.