WordPress Plugin Development Workflow
Overview
This public intake copy packages plugins/antigravity-awesome-skills/skills/wordpress-plugin-development from https://github.com/sickn33/antigravity-awesome-skills into the native Omni Skills editorial shape without hiding its origin.
Use it when the operator needs the upstream workflow, support files, and repository context to stay intact while the public validator and private enhancer continue their normal downstream flow.
This intake keeps the copied upstream files intact and uses the external_source block in metadata.json plus ORIGIN.md as the provenance anchor for review.
WordPress Plugin Development Workflow
Imported source sections that did not map cleanly to the public headings are still preserved below or in the support files. Notable imported sections: WordPress 7.0 Plugin Development, Plugin Structure, WordPress 7.0 Compatibility Checklist, Quality Gates, Limitations.
When to Use This Skill
Use this section as the trigger filter. It should make the activation boundary explicit before the operator loads files, runs commands, or opens a pull request.
- Creating custom WordPress plugins
- Extending WordPress functionality
- Building admin interfaces
- Adding REST API endpoints
- Integrating third-party services
- Implementing WordPress 7.0 AI/Collaboration features
Operating Table
| Situation | Start here | Why it matters |
|---|---|---|
| First-time use | metadata.json | Confirms repository, branch, commit, and imported path through the external_source block before touching the copied workflow |
| Provenance review | ORIGIN.md | Gives reviewers a plain-language audit trail for the imported source |
| Workflow execution | SKILL.md | Starts with the smallest copied file that materially changes execution |
| Supporting context | SKILL.md | Adds the next most relevant copied source file without loading the entire package |
| Handoff decision | ## Related Skills | Helps the operator switch to a stronger native skill when the task drifts |
Workflow
This workflow is intentionally editorial and operational at the same time. It keeps the imported source useful to the operator while still satisfying the public intake standards that feed the downstream enhancer flow.
- app-builder - Project scaffolding
- backend-dev-guidelines - Backend patterns
- Create plugin directory structure
- Set up main plugin file with header
- Implement activation/deactivation hooks
- Set up autoloading
- Configure text domain
Imported Workflow Notes
Imported: Workflow Phases
Phase 1: Plugin Setup
Skills to Invoke
app-builder- Project scaffoldingbackend-dev-guidelines- Backend patterns
Actions
- Create plugin directory structure
- Set up main plugin file with header
- Implement activation/deactivation hooks
- Set up autoloading
- Configure text domain
WordPress 7.0 Plugin Header
/*
Plugin Name: My Plugin
Plugin URI: https://example.com/my-plugin
Description: A WordPress 7.0 compatible plugin with AI and RTC support
Version: 1.0.0
Requires at least: 6.0
Requires PHP: 7.4
Author: Developer Name
License: GPL2+
*/
Copy-Paste Prompts
Use @app-builder to scaffold a new WordPress plugin
Phase 2: Plugin Architecture
Skills to Invoke
backend-dev-guidelines- Architecture patterns
Actions
- Design plugin class structure
- Implement singleton pattern
- Create loader class
- Set up dependency injection
- Configure plugin lifecycle
WordPress 7.0 Architecture Considerations
- Prepare for iframed editor compatibility
- Design for collaboration-aware data flows
- Consider Abilities API for AI integration
Copy-Paste Prompts
Use @backend-dev-guidelines to design plugin architecture
Phase 3: Hooks Implementation
Skills to Invoke
wordpress-penetration-testing- WordPress patterns
Actions
- Register action hooks
- Create filter hooks
- Implement callback functions
- Set up hook priorities
- Add conditional hooks
Copy-Paste Prompts
Use @wordpress-penetration-testing to understand WordPress hooks
Phase 4: Admin Interface
Skills to Invoke
frontend-developer- Admin UI
Actions
- Create admin menu
- Build settings pages
- Implement options registration
- Add settings sections/fields
- Create admin notices
WordPress 7.0 Admin Considerations
- Test with new admin color scheme
- Consider DataViews for data displays
- Implement view transitions
- Use new validation patterns
DataViews Example
import { DataViews } from '@wordpress/dataviews';
const MyPluginDataView = () => {
const data = [/* records */];
const fields = [
{ id: 'title', label: 'Title', sortable: true },
{ id: 'status', label: 'Status', filterBy: true }
];
const view = {
type: 'table',
perPage: 10,
sort: { field: 'title', direction: 'asc' }
};
return (
<DataViews
data={data}
fields={fields}
view={view}
onChangeView={handleViewChange}
/>
);
};
Copy-Paste Prompts
Use @frontend-developer to create WordPress admin interface
Phase 5: Database Operations
Skills to Invoke
database-design- Database designpostgresql- Database patterns
Actions
- Create custom tables
- Implement CRUD operations
- Add data validation
- Set up data sanitization
- Create data upgrade routines
RTC-Compatible Post Meta
// Register meta for Real-Time Collaboration
register_post_meta('post', 'my_custom_field', [
'type' => 'string',
'single' => true,
'show_in_rest' => true, // Required for RTC
'sanitize_callback' => 'sanitize_text_field',
]);
// For WP 7.0, also consider:
register_term_meta('category', 'my_term_field', [
'type' => 'string',
'show_in_rest' => true,
]);
Copy-Paste Prompts
Use @database-design to design plugin database schema
Phase 6: REST API
Skills to Invoke
api-design-principles- API designapi-patterns- API patterns
Actions
- Register REST routes
- Create endpoint callbacks
- Implement permission callbacks
- Add request validation
- Document API endpoints
WordPress 7.0 REST API Enhancements
- Abilities API integration
- AI Connector endpoints
- Enhanced validation
Copy-Paste Prompts
Use @api-design-principles to create WordPress REST API endpoints
Phase 7: Security
Skills to Invoke
wordpress-penetration-testing- WordPress securitysecurity-scanning-security-sast- Security scanning
Actions
- Implement nonce verification
- Add capability checks
- Sanitize all inputs
- Escape all outputs
- Secure database queries
WordPress 7.0 Security Considerations
- Test Abilities API permission boundaries
- Validate AI connector credential handling
- Review collaboration data isolation
- PHP 7.4+ requirement compliance
Copy-Paste Prompts
Use @wordpress-penetration-testing to audit plugin security
Phase 8: WordPress 7.0 Features
Skills to Invoke
api-design-principles- AI integrationbackend-dev-guidelines- Block development
AI Connector Implementation
// Using WordPress 7.0 AI Connector
add_action('save_post', 'my_plugin_generate_ai_summary', 10, 2);
function my_plugin_generate_ai_summary($post_id, $post) {
if (wp_is_post_autosave($post_id) || wp_is_post_revision($post_id)) {
return;
}
// Check if AI client is available
if (!function_exists('wp_ai_client_prompt')) {
return;
}
$content = strip_tags($post->post_content);
if (empty($content)) {
return;
}
// Build prompt - direct string concatenation for input
$result = wp_ai_client_prompt(
'Create a compelling 2-sentence summary for social media: ' . substr($cont