638f9ae5d2
- Create wordpress-validate.cjs tool for WordPress plugin validation - Create woocommerce-validate.cjs tool for WooCommerce-specific checks - Create agent/wordpress.md system prompt for PluginCompass branding - Update opencode.jsonc to enable new tools and agent configuration Both tools are token-efficient: - Success: minimal JSON output (~50 tokens) - Failure: detailed issues with file paths, line numbers, and suggestions wordpress-validate checks: - Forbidden functions (eval, exec, shell_exec, etc.) - SQL injection vulnerabilities - XSS vulnerabilities (direct superglobal echo) - CSRF protection (nonces) - Capability checks - Direct file access protection - Deprecated WordPress functions - AJAX security - REST API security - CSS overlap issues woocommerce-validate checks: - HPOS compatibility declaration - Legacy database access patterns - Deprecated WooCommerce code - Version headers (WC tested up to, WC requires at least) - Database safety (dbDelta usage) - Blocks compatibility - Payment gateway implementation - Shipping method implementation - AJAX security All tools follow opencode AGENTS.md coding standards
17 KiB
17 KiB