Skip to content

Warn authors against including AI instructions in final plugin code #1065

New issue
New issue
Open
#1136
Open
Warn authors against including AI instructions in final plugin code#1065
#1136
@davidperezgar

Description

@davidperezgar
davidperezgar
opened on Sep 25, 2025

Problem

Some WordPress plugins include AI-specific instructions (e.g. prompts, meta-guidelines, or comments intended for AI tools) within the plugin package that is distributed publicly.

Additionally, many of these files are meant only for development or non-production environments, but there is currently no distinction made when validating plugins.

Including these files in production plugins can:

  • Expose internal or AI-related development instructions
  • Create confusion for users and reviewers
  • Reduce code quality and professionalism
  • Violate best practices for production-ready plugins

Proposed Improvement

Enhance Plugin Check to:

  1. Detect AI-related instructions and development-only files.
  2. Differentiate behavior based on whether the plugin is intended for a production environment.

Detection Scope

Plugin Check should scan for:

  • AI instruction content (e.g. “AI instructions”, “ChatGPT”, “Claude rules”, prompt-style guidance).
  • Development or AI-tool–specific configuration folders/files, such as:
    • .cursor/
    • .claude/
    • .github/
  • Markdown files in the plugin root that are not:
    • README.md
    • readme.txt
    • LICENSE / LICENSE.md

These files are often used for internal workflows or AI tooling and should not ship with production plugins.

Environment-Based Behavior

  • Non-production environment

    • Show a warning
    • Explain that AI instructions or development-only files were detected
    • Recommend removing them before production release

  • Production environment

    • Raise a validation error
    • Clearly state that AI instructions or development-only files must not be included in production plugins
    • Block passing Plugin Check until resolved

Expected Behavior

  • Clear, actionable messages explaining:
    • Which files triggered the issue
    • Why they are problematic in production
    • How to fix (remove, relocate, or exclude from release)

Benefits

  • Enforces cleaner, production-ready plugin packages
  • Prevents accidental exposure of AI or internal development instructions
  • Improves overall quality and trust in the WordPress plugin ecosystem
  • Aligns Plugin Check with modern AI-assisted development workflows

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions