WordPress to Static Site

Convert a WordPress website to a static site and deploy to Cloudflare Pages. Mirrors the rendered HTML via SSH, extracts only referenced assets (shrinks 1.5GB+ to ~25MB), fixes URLs, self-hosts fonts, strips WordPress cruft, and deploys. Use when migrating a WordPress site to static hosting.

This skill appears to do what it says, but you should: (1) ensure your SSH key and known_hosts are correct and that you understand the remote commands that will run; (2) double-check the rsync exclude patterns and run the provided 'find' checks to confirm no PHP/config/.env files were copied before committing or pushing; (3) review the Git repo locally before pushing to GitHub to avoid accidentally committing secrets; (4) keep backups of the original site until the static deployment is validated; (5) prefer running these commands interactively yourself (the skill is instruction-only and model invocation is disabled) so you can confirm each step. If you need greater assurance, ask the skill author for a sample dry-run output or a checklist showing the exact files that will be transferred and excluded.

Type: OpenClaw Skill Name: wp-to-static Version: 1.2.0 The skill bundle is designed for a complex, high-privilege operation (migrating a WordPress site via SSH to static hosting). Despite requiring extensive permissions (SSH, file system, network access), the `SKILL.md` demonstrates an exceptionally strong focus on security. It explicitly defines and enforces numerous security best practices, including using `ssh-agent`, strict host key checking, comprehensive exclusion of sensitive files during rsync, multiple verification steps to prevent data leakage or accidental commits, and clear 'Safety Rules' for the agent. The instructions are transparent, directly align with the stated purpose, and include `disable-model-invocation: true`. There is no evidence of intentional malicious behavior, data exfiltration, persistence, or obfuscation.