Trust Assessment
wp-performance received a trust score of 21/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 2 critical, 1 high, 1 medium, and 0 low severity. Key findings include Persistence / self-modification instructions, Arbitrary Code Execution via `wp profile eval`, Unsafe WP-CLI Root Execution Enabled.
The analysis covered 4 layers: dependency_graph, llm_behavioral_safety, manifest_analysis, static_code_analysis. The manifest_analysis layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 11, 2026 (commit cdc950d5). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Persistence / self-modification instructions Shell RC file modification for persistence Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Unknown | /var/folders/1k/67b8r20n777f_xcmmm8b7m5h0000gn/T/skillscan-clone-ewtx1d50/repo/skills/wp-performance/scripts/perf_inspect.mjs:100 | |
| CRITICAL | Persistence / self-modification instructions Shell RC file modification for persistence Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Unknown | /var/folders/1k/67b8r20n777f_xcmmm8b7m5h0000gn/T/skillscan-clone-ewtx1d50/repo/skills/wp-performance/scripts/perf_inspect.mjs:122 | |
| HIGH | Arbitrary Code Execution via `wp profile eval` The skill instructs the agent to use `wp profile eval` for deep profiling. This WP-CLI command executes arbitrary PHP code. A sophisticated prompt injection attack could trick the agent into crafting and executing a malicious PHP payload, leading to Remote Code Execution (RCE) on the target WordPress site. The skill lacks sufficient guardrails or warnings about the risk of this command. Disable the use of `wp profile eval`. If its functionality is essential, replace it with a safer, more specific tool or add strict guardrails that prevent the execution of arbitrary or user-influenced code. | Unknown | SKILL.md:50 | |
| MEDIUM | Unsafe WP-CLI Root Execution Enabled The helper script `scripts/perf_inspect.mjs` accepts and passes an `--allow-root` flag to all `wp` commands it executes. Running WP-CLI as the root user is a discouraged practice that can cause file permission issues and escalates the risk of destructive operations. The skill does not provide guidance or warnings on the use of this flag, making it possible for an agent to use it improperly. Remove the `--allow-root` flag handling from the script. The agent should run as a non-root user with appropriate permissions. If root is required for specific containerized environments, the skill documentation (`SKILL.md`) should explicitly state the conditions under which it is safe and warn against its general use. | Unknown | scripts/perf_inspect.mjs:30 |
Scan History
Embed Code
[](https://skillshield.io/report/85352150ce734a63)
Powered by SkillShield