Handles the full lifecycle of WordPress plugin development, from bootstrap structure and hook registration through activation routines, Settings API integration, and release packaging. Enforces security fundamentals (nonces, capabilities, sanitization, escaping, prepared statements) and steers you toward predictable patterns like keeping admin code out of the frontend and avoiding fragile activation hook bugs. Targets WordPress 6.9+ and expects a filesystem agent with bash, node, and optionally WP-CLI. The procedure is methodical: triage the repo, detect plugin headers, apply architecture guardrails, then verify activation, settings persistence, and uninstall cleanup. If you're building or refactoring a WordPress plugin and want guardrails that match the Plugin Handbook, this keeps you honest.
npx skills add https://github.com/automattic/agent-skills --skill wp-plugin-development