wordpress-penetration-testing
skills-sh:sickn33_antigravity-awesome-skills__wordpress-penetration-testing
First Seen: Feb 18, 2026
Last Scanned: Feb 20, 2026
Findings: 4
Score: 62/100
Findings (4)
Skill can read private data AND execute arbitrary code. This combination enables credential theft via dynamic code.
Matched: [reads_private_data] load ... After obtaining credentials + [executes_code] exec(
Remediation: Add input validation between the user-controlled data source and the security-sensitive sink (e.g., file writes, command execution). Implement allowlisting for acceptable input patterns.
Likely FP if the user input passes through explicit validation or sanitization before reaching the sensitive operation, and the taint tracker missed the sanitization step.
Detects common reverse shell patterns across multiple languages
Matched: bash -i >& /dev/tcp/
Remediation: Audit post-install scripts (postinstall, preinstall hooks) in dependencies. Block or sandbox post-install script execution, especially for packages added by skill instructions.
Likely FP if the post-install hook runs a standard build step (e.g., compiling native modules with node-gyp) for a well-known package.
Detects fetching remote documentation or code to load as agent context
Matched: cURL or wget + http://target.com/wp-content/themes/<theme>/readme.txt
Remediation: Pin the SDK or script to a specific version and verify its checksum after download. Prefer installing SDKs via a package manager instead of fetching remote scripts directly.
Likely FP if the match is documentation showing how to install an official SDK (e.g., Google Cloud SDK, AWS CLI) from its canonical URL.
Detects eval() or exec() used for dynamic code execution
Matched: exec("
Remediation: Replace eval()/exec() with a safer alternative such as json.loads(), ast.literal_eval(), or a purpose-built parser.
Likely FP if the matched text contains 'exec' as part of a word (e.g., 'execute', 'execution') rather than an actual eval() or exec() call.