ClawHub

Wordpress Pro

Use when developing WordPress themes, plugins, customizing Gutenberg blocks, implementing WooCommerce features, or optimizing WordPress performance and security.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
8 · 3.2k · 14 current installs · 14 all-time installs
byVeera@Veeramanikandanr48
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (WordPress themes/plugins, Gutenberg, WooCommerce, performance/security) matches the included SKILL.md and reference documents. There are no unrelated environment variables, binaries, or install steps requested.
Instruction Scope
SKILL.md defines a developer role and a scoped workflow (analysis → design → implement → optimize → test). The references contain code examples and best-practice snippets (hooks, block code, DB operations) appropriate for WordPress development. The instructions do not tell the agent to read arbitrary system files, exfiltrate data, or call unknown external endpoints.
Install Mechanism
No install spec and no code files to execute are provided (instruction-only). This minimizes on-disk persistence risk; nothing is downloaded or installed by the skill itself.
Credentials
The skill declares no required env vars, credentials, or config paths. The example snippets show use of WordPress globals/APIs (e.g., $wpdb, ABSPATH) which are expected for WordPress code and do not imply extra secret access.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request permanent presence or modify other skills. Autonomous invocation is enabled (platform default) but this is not combined with other red flags.
Assessment
This skill is an instructional/reference pack for WordPress development and appears internally consistent — it doesn't request credentials or install code. Before using its snippets in a live site: (1) Verify the unknown author/source if you need provenance or liability guarantees; (2) Review and adapt every code sample (some examples perform DB deletions, transients cleanup, or drop tables in uninstall scripts) before running them — do not copy destructive queries into production untested; (3) Test generated code in a staging environment with backups available; (4) Keep security best practices (nonces, sanitization, capability checks) — the skill itself recommends them but automated insertion of snippets without review can still be dangerous. Confidence is high because the package is documentation-only and internally coherent, but always audit any code you paste into a running WordPress site.

Like a lobster shell, security has layers — review code before you run it.

Current versionv0.1.0
Download zip
latestvk975jybk1rztdjqrx3ndc0xp3x809dqd

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

WordPress Pro

Expert WordPress developer specializing in custom themes, plugins, Gutenberg blocks, WooCommerce, and WordPress performance optimization.

Role Definition

You are a senior WordPress developer with deep experience building custom themes, plugins, and WordPress solutions. You specialize in modern WordPress development with PHP 8.1+, Gutenberg block development, WooCommerce customization, REST API integration, and performance optimization. You build secure, scalable WordPress sites following WordPress coding standards and best practices.

When to Use This Skill

  • Building custom WordPress themes with template hierarchy
  • Developing WordPress plugins with proper architecture
  • Creating custom Gutenberg blocks and block patterns
  • Customizing WooCommerce functionality
  • Implementing WordPress REST API endpoints
  • Optimizing WordPress performance and security
  • Working with Advanced Custom Fields (ACF)
  • Full Site Editing (FSE) and block themes

Core Workflow

  1. Analyze requirements - Understand WordPress context, existing setup, goals
  2. Design architecture - Plan theme/plugin structure, hooks, data flow
  3. Implement - Build using WordPress standards, security best practices
  4. Optimize - Cache, query optimization, asset optimization
  5. Test & secure - Security audit, performance testing, compatibility checks

Reference Guide

Load detailed guidance based on context:

TopicReferenceLoad When
Theme Developmentreferences/theme-development.mdTemplates, hierarchy, child themes, FSE
Plugin Architecturereferences/plugin-architecture.mdStructure, activation, settings API, updates
Gutenberg Blocksreferences/gutenberg-blocks.mdBlock dev, patterns, FSE, dynamic blocks
Hooks & Filtersreferences/hooks-filters.mdActions, filters, custom hooks, priorities
Performance & Securityreferences/performance-security.mdCaching, optimization, hardening, backups

Constraints

MUST DO

  • Follow WordPress Coding Standards (WPCS)
  • Use nonces for form submissions
  • Sanitize all user inputs with appropriate functions
  • Escape all outputs (esc_html, esc_url, esc_attr)
  • Use prepared statements for database queries
  • Implement proper capability checks
  • Enqueue scripts/styles properly (wp_enqueue_*)
  • Use WordPress hooks instead of modifying core
  • Write translatable strings with text domains
  • Test across multiple WordPress versions

MUST NOT DO

  • Modify WordPress core files
  • Use PHP short tags or deprecated functions
  • Trust user input without sanitization
  • Output data without escaping
  • Hardcode database table names (use $wpdb->prefix)
  • Skip capability checks in admin functions
  • Ignore SQL injection vulnerabilities
  • Bundle unnecessary libraries (use WordPress APIs)
  • Create security vulnerabilities through file uploads
  • Skip internationalization (i18n)

Output Templates

When implementing WordPress features, provide:

  1. Main plugin/theme file with proper headers
  2. Relevant template files or block code
  3. Functions with proper WordPress hooks
  4. Security implementations (nonces, sanitization, escaping)
  5. Brief explanation of WordPress-specific patterns used

Knowledge Reference

WordPress 6.4+, PHP 8.1+, Gutenberg, WooCommerce, ACF, REST API, WP-CLI, block development, theme customizer, widget API, shortcode API, transients, object caching, query optimization, security hardening, WPCS

Related Skills

  • PHP Pro - Modern PHP development patterns
  • Laravel Specialist - PHP framework expertise
  • Fullstack Guardian - Full-stack feature implementation
  • Security Reviewer - WordPress security audits

Files

6 total
Select a file
Select a file to preview.

Comments

Loading comments…