This skill should be used when the user asks about a WordPress plugin's or theme's real performance/speed impact, wants to compare the speed of plugins or th...
Security Analysis
high confidenceThis skill coherently wraps a WordPress performance benchmark API and discloses its paid API, credentials, cache, and local site audit behavior.
The stated purpose is WordPress plugin/theme performance lookup, comparison, and local active-plugin audit; the bundled CLI capabilities match that purpose.
Instructions constrain agents to the bundled CLI, prefer quota-saving commands, run quota checks before broad audits, and stop on ambiguity; audit use would send active plugin slugs to the benchmark service, which is expected but worth noting.
The package contains markdown references and a Python standard-library CLI script; no automatic installer, background service, or hidden activation path is present.
The CLI reads an API key from environment, macOS keychain, or a local config file, uses wp-cli only to list active plugin names for audits, and calls MakeWPFast and WordPress.org APIs as part of the advertised workflow.
Persistence is limited to an optional stored API key, local benchmark/name-resolution cache, and a calls log under user config/cache paths; no privilege escalation or long-running process is shown.
Guidance
Install only if you are comfortable using a paid MakeWPFast API key. Local site audits use wp-cli to identify active plugin slugs and may query those slugs against the external API, consuming quota unless cached. Review the local cache, calls log, and API-key storage location if you need tighter operational control.
Latest Release
v1.0.0
Initial release: lookup/compare/audit/me/resolve for the MakeWPFast Benchmark API, with name-to-slug resolution, local cache, and quota guards.
Popular Skills
Published by @marcindudekdev on ClawHub
