Trust Assessment
wordpress-mcp received a trust score of 83/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Potential for Arbitrary SQL Execution via MCP Database Feature, Potential for Raw WordPress REST API Access via MCP Dynamic REST Feature.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential for Arbitrary SQL Execution via MCP Database Feature The skill describes the 'Database' feature of the Model Context Protocol (MCP) system, which allows 'Execute SQL queries on the WordPress database'. If this feature is enabled by the site administrator in the AI Engine plugin and the AI agent is granted access to it, it could be exploited to perform arbitrary SQL queries. This poses a critical risk, potentially leading to data exfiltration, modification, or destruction of the WordPress database. While the skill notes this feature is 'Off' by default, its existence and description within the skill highlight a significant potential for excessive permissions if not carefully managed. Advise users to keep the 'Database' feature disabled in AI Engine's MCP settings unless absolutely necessary. If enabled, implement strict access controls and monitoring. AI agents should be explicitly prevented from calling `tools/call` with database-related tool names unless specifically authorized for a narrow, audited purpose. | LLM | SKILL.md:54 | |
| MEDIUM | Potential for Raw WordPress REST API Access via MCP Dynamic REST Feature The skill describes the 'Dynamic REST' feature of the MCP system, which provides 'Raw access to WordPress REST API'. If this feature is enabled by the site administrator and the AI agent is granted access, it could allow the agent to bypass higher-level MCP tool abstractions and interact directly with any WordPress REST API endpoint. This broad access could lead to unintended actions, data exposure, or system manipulation, depending on the scope of the REST API endpoints and the permissions granted to the underlying API key. While the skill notes this feature is 'Off' by default, its description highlights a potential for excessive permissions. Advise users to keep the 'Dynamic REST' feature disabled in AI Engine's MCP settings unless absolutely necessary. If enabled, ensure the API key used by the AI agent adheres to the principle of least privilege, restricting access only to required REST API endpoints and methods. | LLM | SKILL.md:58 |
Scan History
Embed Code
[](https://skillshield.io/report/ea3fd87655de3226)
Powered by SkillShield