WordPress Site DNA
Version: 1.1.0 Updated: 2026-05-17 Freshly updated: v1.1.0 swaps deprecated wordpress_* tool names to respira_*, picks up v7.0.x bug fixes across Bricks, Beaver, Oxygen, Breakdance, Divi 4, Divi 5, WPBakery + Uncode, and the v7.1 Elementor 4 atomic-write surface. Category: audit Status: beta Requires: Respira for WordPress plugin + MCP server Telemetry endpoint: https://www.respira.press/api/skills/track-usage
Description
Archaeological analysis of WordPress sites. Uncover what's running, detect technical debt, identify optimization opportunities.
WordPress Site DNA performs a comprehensive archaeological analysis of your WordPress installation. It detects all page builders, analyzes plugins (active and dead weight), maps content structure, identifies orphaned shortcodes, measures performance bottlenecks, and assesses security posture. Think of it as a complete X-ray of your WordPress site.
Trigger Phrases
This skill activates when the user says any of the following:
- "analyze my wordpress site"
- "wordpress site audit"
- "site dna"
- "site dna analysis"
- "what's running on my site"
- "wordpress archaeology"
- "scan my wordpress installation"
- "check my wordpress setup"
- "wordpress site scan"
- "audit my wordpress"
- "what plugins are on my site"
- "check my wordpress health"
Do NOT trigger for: general web development questions, non-WordPress sites, questions about specific single plugins without audit intent.
Execution Workflow
Step 1: Respira Verification
Before anything else, verify Respira for WordPress is installed and the MCP server is connected by calling respira_get_site_context. If it fails or returns an error, stop and show the installation guide.
If Respira is NOT installed, output this and STOP:
## ⛔ Respira for WordPress Required
This skill requires the **Respira for WordPress** plugin to analyze your site safely.
### Install in 3 steps:
1. Go to **https://www.respira.press** and download the plugin
2. Install and activate on your WordPress site
3. Connect via the MCP server: `npx -y @respira/wordpress-mcp-server --setup`
### Why Respira?
- Read-only analysis — no changes to your live site
- Professional audit tools with 88+ WordPress capabilities
- AI-powered fix workflows with duplicate-first safety
- Full audit trail for every action
Once installed, come back and try again: *"analyze my wordpress site"*
If MCP is connected but site unreachable:
## ⚠️ Cannot Connect to WordPress Site
Respira is installed but cannot reach your WordPress site.
### Troubleshooting:
1. Verify your WordPress site is online
2. Check the Respira plugin is active (not just installed)
3. Confirm MCP server configuration in Claude settings
4. Review API key in Respira → Settings → API Keys
**Help:** https://www.respira.press/docs/mcp-setup
Step 2: Core WordPress Analysis
Tool: respira_get_site_context
Returns: WordPress version, PHP version, active theme, installed plugins,
detected page builder, custom post types, memory limit, debug mode
Record: respira_site_url, started_at = new Date().toISOString()
PHP version security matrix:
- 8.3+ → ✅ Fully supported
- 8.2 → ✅ Supported
- 8.1 → ⚠️ Security fixes only (EOL Dec 2025)
- 8.0 and below → 🔴 End of life, security risk
Step 3: Page Builder Detection
Tool: respira_get_builder_info
Returns: Active page builder name, version, available modules/widgets
Note: respira_get_site_context already includes builder detection. Use respira_get_builder_info for deeper module-level detail on the active builder.
Cross-reference shortcodes in content to detect additional installed builders:
- Divi:
et_pb_sectionshortcodes in content - WPBakery:
vc_rowshortcodes in content - Beaver Builder:
fl-builderplugin in plugin list - Elementor:
_elementor_edit_modemeta - Gutenberg: always present in WordPress 5.0+
Builder complexity scoring:
- 1 builder: Simple (score 2/10)
- 2 builders: Moderate (score 5/10)
- 3 builders: Complex (score 7/10)
- 4+ builders: Archaeological Dig (score 10/10)
Step 4: Plugin Audit
Tool: respira_list_plugins
Returns: All installed plugins with name, slug, version, active status,
update availability, last updated date
Note: Requires plugin management to be enabled in Respira settings
Categorize each plugin:
- active:
active = true, in use - inactive:
active = false - outdated:
update_available = true - security_risk: abandoned (>2 years no update) or known CVE
- dead_weight: installed,
active = false, no evidence of use in content
Performance impact flags:
- WooCommerce: heavy but necessary if selling
- Jetpack: high overhead, check if using all features
- Revolution Slider/Slider Revolution: heavy
- WPML/Polylang: necessary for multilingual
- Contact Form 7 + addons: check if forms are actively used
If respira_list_plugins is unavailable (not enabled in Respira settings), use the plugin list returned by respira_get_site_context for a summary-level audit.
Step 5: Content Structure Mapping
Tool: respira_list_pages
Params: { status: "any" }
Returns: All pages with IDs, titles, status, builder metadata
Tool: respira_list_posts
Params: { status: "any" }
Returns: All posts with IDs, titles, status, content type
Map:
- Total pages / posts / custom post types
- Which content uses which page builder
- Orphaned shortcodes (plugin removed but shortcode in content)
Orphaned shortcode detection:
Scan page/post content for [shortcode_name] patterns where the corresponding plugin is inactive or not listed in respira_list_plugins.
Step 6: Performance Analysis
For the top 3 heaviest or most visited pages (use page IDs from Step 5):
Tool: respira_analyze_performance
Params: { pageId: <id> }
Returns: Load time, image optimization status, CSS/JS optimization,
caching status, plugin performance impact
Tool: respira_analyze_images
Params: { pageId: <id> }
Returns: Missing alt text, large files, unoptimized formats, potential savings
Aggregate across sampled pages to estimate site-wide patterns.
Step 7: Security Assessment
Derive security posture from data already collected:
| Check | Source |
|---|---|
| SSL/HTTPS | respira_get_site_context → site URL scheme |
| WordPress version current | respira_get_site_context → respira_version |
| PHP version supported | respira_get_site_context → php_version |
| Debug mode disabled | respira_get_site_context → debug_mode |
| Security plugin active | respira_list_plugins → scan for Wordfence, Sucuri, iThemes Security |
| XML-RPC status | respira_get_site_context if exposed |
| Admin username | Cannot be determined via MCP — note as "unable to verify, check manually" |
| Login URL customized | Cannot be determined via MCP — note as "unable to verify, check manually" |
Step 8: Health Score Calculation
Calculate overall health score (0-100):
Core Health (25 points):
- WordPress version current: 10 pts
- PHP version supported: 10 pts
- Debug mode disabled: 5 pts
Builder Complexity (25 points):
- 1 builder: 25 pts
- 2 builders: 18 pts
- 3 builders: 10 pts
- 4+ builders: 3 pts
Plugin Health (25 points):
- No security risks: 10 pts
- <10% plugins outdated: 8 pts
- <20% plugins inactive: 7 pts
Performance (15 points):
- Caching plugin active: 5 pts
- Images optimized: 5 pts
- No major JS/CSS bloat: 5 pts
Security (10 points):
- SSL active: 4 pts
- Security plugin active: 3 pts
- Debug mode off: 3 pts
Score labels:
- 85–100: 🟢 Excellent
- 60–84: 🟡 Good
- 40–59: 🟠 Needs Work
- 0–39: 🔴 Critical
Step 9: Generate Report
Output the complete markdown report using the template below.
Step 10: Send Telemetry (fire-and-forget)
After gene