Skill v0.5.0
ClawScan security
WordPress WP-CLI Admin · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 4, 2026, 8:52 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent with a WP-CLI administration tool and contains only benign inspection scripts and guidance, but it omits declaring that it requires the `wp` CLI and assumes shell/SSH access; review before running on production.
- Guidance: This skill appears to be what it says: a helper for running WP-CLI against local or remotely-accessible WordPress installs. Before installing or running it: (1) verify the `wp` CLI is available on the host (the metadata does not declare this requirement), (2) only run the scripts on systems you trust or in a staging environment because WP-CLI can perform destructive operations (database import, search-replace, bulk updates), (3) ensure you have backups and a change window for any write operations, and (4) review the included scripts yourself (they are short and readable) and confirm you’re comfortable granting an agent the ability to run shell commands on the target host. If you need additional assurance, request a signed source or a homepage/maintainer contact for the package before use.
Review Dimensions
- Purpose & Capability (note): The name, description, SKILL.md, and included scripts all align with WP-CLI administration. However, the registry metadata lists no required binaries while the runtime scripts and instructions clearly require the `wp` CLI to be present and runnable; this omission is a metadata inconsistency (not necessarily malicious).
- Instruction Scope (ok): SKILL.md instructs the agent to inspect a WordPress install and prefer read-first commands; the two included scripts only run WP-CLI commands, check that the path looks like WordPress, and print status. The instructions warn against blind destructive operations. There is no instruction to read unrelated files or exfiltrate data.
- Install Mechanism (ok): No install spec (instruction-only with small helper scripts), so low-risk. Scripts are included in the bundle and no external downloads or archive extraction are performed.
- Credentials (ok): The skill requests no environment variables or credentials and the scripts do not read secrets. They do export a PATH that includes common system locations so `wp` can be found. The absence of declared required binaries is the only mismatch (see purpose_capability).
- Persistence & Privilege (ok): The skill is not always-included and does not request persistent privileges or modify other skills or system-wide agent settings. It operates on-demand and relies on the invoking environment's shell access.
