Does this skill help with security audits?

Yes, it specifically checks for and prevents 29 documented issues including XSS, CSRF, SQL injection, and missing capability checks.

How does it handle database security?

It enforces the use of the $wpdb->prepare() method for all database queries involving user input to ensure SQL injection protection.

Which WordPress versions does this skill support?

It is optimized for WordPress 6.7 through 6.9+, including guidance on recent breaking changes and the latest security standards.

Can I use this for modern PHP development patterns?

Absolutely. It supports Simple (functional), OOP (object-oriented), and modern PSR-4 architecture patterns for larger plugin projects.

What is the 'Security Trinity' mentioned in the skill?

It refers to the essential practice of Sanitizing input, Validating logic, and Escaping output for every data transaction within a plugin.

WordPress Plugin Core

Name: WordPress Plugin Core
Author: brendadeeznuts1111

bybrendadeeznuts1111

Content Management

Develops secure, high-performance WordPress plugins using modern PHP patterns and core security standards.

About

This skill provides a comprehensive framework for building production-grade WordPress plugins, ranging from simple functional scripts to complex PSR-4 architectures. It enforces the 'Security Trinity'—Sanitize, Validate, and Escape—while providing deep implementation knowledge for the Settings API, Custom Post Types, and REST API endpoints. Designed for WordPress 6.7-6.9+, it ensures code is compatible with PHP 8.5 and avoids common pitfalls like SQL injection, CSRF vulnerabilities, and performance-degrading rewrite rule issues. Whether you are refactoring legacy code or starting a new project, this skill provides the patterns and guards necessary for professional WordPress development.

Key Features

Provides secure database interaction patterns using $wpdb->prepare() to prevent SQL injection.
Implements secure REST API endpoints with mandatory permission callbacks and nonce verification.
0 GitHub stars
Generates boilerplate for Simple, OOP, and modern PSR-4 architecture patterns.
Enforces 'Security Trinity' protocols for input sanitization, logic validation, and output escaping.
Configures Custom Post Types and Taxonomies with optimized rewrite rule management.

Use Cases

Building a new, secure WordPress plugin from scratch following modern PHP 8+ standards.
Auditing and hardening existing plugins against XSS, CSRF, and SQL injection vulnerabilities.
Refactoring procedural plugins into scalable, object-oriented architectures using PSR-4 autoloading.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add brendadeeznuts1111/tier-1380-omega wordpress-plugin-core

For use in Claude.ai and ChatGPT

Download Skill

GitHub

About

Key Features

Provides secure database interaction patterns using $wpdb->prepare() to prevent SQL injection.
Implements secure REST API endpoints with mandatory permission callbacks and nonce verification.
0 GitHub stars
Generates boilerplate for Simple, OOP, and modern PSR-4 architecture patterns.
Enforces 'Security Trinity' protocols for input sanitization, logic validation, and output escaping.
Configures Custom Post Types and Taxonomies with optimized rewrite rule management.

Use Cases

Building a new, secure WordPress plugin from scratch following modern PHP 8+ standards.
Auditing and hardening existing plugins against XSS, CSRF, and SQL injection vulnerabilities.
Refactoring procedural plugins into scalable, object-oriented architectures using PSR-4 autoloading.