科研技能库/WordPress 开发工作流套装
productivity
低风险

WordPress 开发工作流套装

覆盖主题开发、插件创建、WooCommerce 集成、性能优化和安全加固的完整 WordPress 开发工作流,包含 WordPress 7.0 新特性。

文件预览

1 个文件
SKILL.md
17.6 KB · 可预览
---
name: wordpress
description: "Complete WordPress development workflow covering theme development, plugin creation, WooCommerce integration, performance optimization, and security hardening. Includes WordPress 7.0 features: Real-Time Collaboration, AI Connectors, Abilities API, DataViews, and PHP-only blocks."
category: workflow-bundle
risk: safe
source: personal
date_added: "2026-02-27"
---

# WordPress Development Workflow Bundle

## Overview

Comprehensive WordPress development workflow covering theme development, plugin creation, WooCommerce integration, performance optimization, and security. This bundle orchestrates skills for building production-ready WordPress sites and applications.

## WordPress 7.0 Features (Backward Compatible)

WordPress 7.0 (April 9, 2026) introduces significant features while maintaining backward compatibility:

### Real-Time Collaboration (RTC)
- Multiple users can edit simultaneously using Yjs CRDT
- HTTP polling provider (configurable via `WP_COLLABORATION_MAX_USERS`)
- Custom transport via `sync.providers` filter
- **Backward Compatibility**: Falls back to post locking when legacy meta boxes detected

### AI Connectors API
- Provider-agnostic AI interface in core (`wp_ai_client_prompt()`)
- Settings > Connectors for centralized API credential management
- Official providers: OpenAI, Anthropic Claude, Google Gemini
- **Backward Compatibility**: Works with WordPress 6.9+ via plugin

### Abilities API (Stable in 7.0)
- Standardized capability declaration system
- REST API endpoints: `/wp-json/abilities/v1/manifest`
- MCP adapter for AI agent integration
- **Backward Compatibility**: Can be used as Composer package in 6.x

### DataViews & DataForm
- Replaces WP_List_Table on Posts, Pages, Media screens
- New layouts: table, grid, list, activity
- Client-side validation (pattern, minLength, maxLength, min, max)
- **Backward Compatibility**: Plugins using old hooks still work

### PHP-Only Block Registration
- Register blocks entirely via PHP without JavaScript
- Auto-generated Inspector controls
- **Backward Compatibility**: Existing JS blocks continue to work

### Interactivity API Updates
- `watch()` replaces `effect` from @preact/signals
- State navigation changes
- **Backward Compatibility**: Old syntax deprecated but functional

### Admin Refresh
- New default color scheme
- View transitions between admin screens
- **Backward Compatibility**: CSS-level changes, no breaking changes

### Pattern Editing
- ContentOnly mode defaults for unsynced patterns
- `disableContentOnlyForUnsyncedPatterns` setting
- **Backward Compatibility**: Existing patterns work

## When to Use This Workflow

Use this workflow when:
- Building new WordPress websites
- Creating custom themes
- Developing WordPress plugins
- Setting up WooCommerce stores
- Optimizing WordPress performance
- Hardening WordPress security
- Implementing WordPress 7.0 features (RTC, AI, DataViews)

## Workflow Phases

### Phase 1: WordPress Setup

#### Skills to Invoke
- `app-builder` - Project scaffolding
- `environment-setup-guide` - Development environment

#### Actions
1. Set up local development environment (LocalWP, Docker, or Valet)
2. Install WordPress (recommend 7.0+ for new projects)
3. Configure development database
4. Set up version control
5. Configure wp-config.php for development

#### WordPress 7.0 Configuration
```php
// wp-config.php - Collaboration settings
define('WP_COLLABORATION_MAX_USERS', 5);

// AI Connector is enabled by installing a provider plugin
// (e.g., OpenAI, Anthropic Claude, or Google Gemini connector)
// No constant needed - configure via Settings > Connectors in admin
```

#### Copy-Paste Prompts
```
Use @app-builder to scaffold a new WordPress project with modern tooling
```

### Phase 2: Theme Development

#### Skills to Invoke
- `frontend-developer` - Component development
- `frontend-design` - UI implementation
- `tailwind-patterns` - Styling
- `web-performance-optimization` - Performance

#### Actions
1. Design theme architecture
2. Create theme files (style.css, functions.php, index.php)
3. Implement template hierarchy
4. Create custom page templates
5. Add custom post types and taxonomies
6. Implement theme customization options
7. Add responsive design
8. Test with WordPress 7.0 admin refresh

#### WordPress 7.0 Theme Considerations
- Block API v3 now reference model
- Pseudo-element support in theme.json
- Global Styles custom CSS honors block-defined selectors
- View transitions for admin navigation

#### Theme Structure
```
theme-name/
├── style.css
├── functions.php
├── index.php
├── header.php
├── footer.php
├── sidebar.php
├── single.php
├── page.php
├── archive.php
├── search.php
├── 404.php
├── template-parts/
├── inc/
├── assets/
│   ├── css/
│   ├── js/
│   └── images/
└── languages/
```

#### Copy-Paste Prompts
```
Use @frontend-developer to create a custom WordPress theme with React components
```

```
Use @tailwind-patterns to style WordPress theme with modern CSS
```

### Phase 3: Plugin Development

#### Skills to Invoke
- `backend-dev-guidelines` - Backend standards
- `api-design-principles` - API design
- `auth-implementation-patterns` - Authentication

#### Actions
1. Design plugin architecture
2. Create plugin boilerplate
3. Implement hooks (actions and filters)
4. Create admin interfaces
5. Add custom database tables
6. Implement REST API endpoints
7. Add settings and options pages

#### WordPress 7.0 Plugin Considerations
- **RTC Compatibility**: Register post meta with `show_in_rest => true`
- **AI Integration**: Use `wp_ai_client_prompt()` for AI features
- **DataViews**: Consider new admin UI patterns
- **Meta Boxes**: Migrate to block-based UIs for collaboration support

#### RTC-Compatible Post Meta Registration
```php
register_post_meta('post', 'custom_field', [
    'type' => 'string',
    'single' => true,
    'show_in_rest' => true,  // Required for RTC
    'sanitize_callback' => 'sanitize_text_field',
]);
```

#### AI Connector Example
```php
// Using WordPress 7.0 AI Connector
// Note: Requires an AI provider plugin (OpenAI, Claude, or Gemini) to be installed and configured

// Basic text generation
$response = wp_ai_client_prompt('Summarize this content.')
    ->generate_text();

// With temperature for deterministic output
$response = wp_ai_client_prompt('Summarize this content.')
    ->using_temperature(0.2)
    ->generate_text();

// With model preference (tries first available in list)
$response = wp_ai_client_prompt('Summarize this content.')
    ->using_model_preference('gpt-4', 'claude-3-opus', 'gemini-2-pro')
    ->generate_text();

// For JSON structured output
$schema = [
    'type' => 'object',
    'properties' => [
        'summary' => ['type' => 'string'],
        'keywords' => ['type' => 'array', 'items' => ['type' => 'string']]
    ],
    'required' => ['summary']
];
$response = wp_ai_client_prompt('Analyze this content and return JSON.')
    ->using_system_instruction('You are a content analyzer.')
    ->as_json_response($schema)
    ->generate_text();
```

#### Plugin Structure
```
plugin-name/
├── plugin-name.php
├── includes/
│   ├── class-plugin-activator.php
│   ├── class-plugin-deactivator.php
│   ├── class-plugin-loader.php
│   └── class-plugin.php
├── admin/
│   ├── class-plugin-admin.php
│   ├── css/
│   └── js/
├── public/
│   ├── class-plugin-public.php
│   ├── css/
│   └── js/
└── languages/
```

#### Copy-Paste Prompts
```
Use @backend-dev-guidelines to create a WordPress plugin with proper architecture
```

### Phase 4: WooCommerce Integration

#### Skills to Invoke
- `payment-integration` - Payment processing
- `stripe-integration` - Stripe payments
- `billing-automation` - Billing workflows

#### Actions
1. Install and configure WooCommerce
2. Create custom product types
3. Customize checkout flow
4. Integrate payment gateways
5. Set up shipping methods
6. Create custom order statuses
7. Implement subscription products
8. Add custom email templates

#### WordPress 7.0 + WooCommerce Considerations
- Test checkout with new admin interfaces
- AI connectors for product descriptions
- DataViews for order management screens
- RTC for collaborative order editing

#### Copy-Paste Prompts
```
Use @payment-integration to set up WooCommerce with Stripe
```

```
Use @billing-automation to create subscription products in WooCommerce
```

### Phase 5: Performance Optimization

#### Skills to Invoke
- `web-performance-optimization` - Performance optimization
- `database-optimizer` - Database optimization

#### Actions
1. Implement caching (object, page, browser)
2. Optimize images (lazy loading, WebP)
3. Minify and combine assets
4. Enable CDN
5. Optimize database queries
6. Implement lazy loading
7. Configure OPcache
8. Set up Redis/Memcached

#### WordPress 7.0 Performance
- Client-side media processing
- Font Library enabled for all themes
- Responsive grid block optimizations
- View transitions reduce perceived load time

#### Performance Checklist
- [ ] Page load time < 3 seconds
- [ ] Time to First Byte < 200ms
- [ ] Largest Contentful Paint < 2.5s
- [ ] Cumulative Layout Shift < 0.1
- [ ] First Input Delay < 100ms

#### Copy-Paste Prompts
```
Use @web-performance-optimization to audit and improve WordPress performance
```

### Phase 6: Security Hardening

#### Skills to Invoke
- `security-auditor` - Security audit
- `wordpress-penetration-testing` - WordPress security testing
- `sast-configuration` - Static analysis

#### Actions
1. Update WordPress core, themes, plugins
2. Implement security headers
3. Configure file permissions
4. Set up firewall rules
5. Enable two-factor authentication
6. Implement rate limiting
7. Configure security logging
8. Set up malware scanning

#### WordPress 7.0 Security Considerations
- PHP 7.4 minimum (drops 7.2/7.3 support)
- Test Abilities API permission boundaries
- Verify collaboration data isolation
- AI connector credential security

#### Security Checklist
- [ ] WordPress core updated (7.0+ recommended)
- [ ] All plugins/themes updated
- [ ] Strong passwords enforced
- [ ] Two-factor authentication enabled
- [ ] Security headers configured
- [ ] XML-RPC disabled or protected
- [ ] File editing disabled
- [ ] Database prefix changed
- [ ] Regular backups configured

#### Copy-Paste Prompts
```
Use @wordpress-penetration-testing to audit WordPress security
```

```
Use @security-auditor to perform comprehensive security review
```

### Phase 7: Testing

#### Skills to Invoke
- `test-automator` - Test automation
- `playwright-skill` - E2E testing
- `webapp-testing` - Web app testing

#### Actions
1. Write unit tests for custom code
2. Create integration tests
3. Set up E2E tests
4. Test cross-browser compatibility
5. Test responsive design
6. Performance testing
7. Security testing

#### WordPress 7.0 Testing Priorities
- Test with iframed post editor
- Verify DataViews integration
- Test collaboration (RTC) workflows
- Validate AI connector functionality
- Test Interactivity API with watch()

#### Copy-Paste Prompts
```
Use @playwright-skill to create E2E tests for WordPress site
```

### Phase 8: Deployment

#### Skills to Invoke
- `deployment-engineer` - Deployment
- `cicd-automation-workflow-automate` - CI/CD
- `github-actions-templates` - GitHub Actions

#### Actions
1. Set up staging environment
2. Configure deployment pipeline
3. Set up database migrations
4. Configure environment variables
5. Enable maintenance mode during deployment
6. Deploy to production
7. Verify deployment
8. Monitor post-deployment

#### Copy-Paste Prompts
```
Use @deployment-engineer to set up WordPress deployment pipeline
```

## WordPress-Specific Workflows

### Custom Post Type Development (RTC-Compatible)
```php
register_post_type('book', [
    'labels' => [...],
    'public' => true,
    'has_archive' => true,
    'supports' => ['title', 'editor', 'thumbnail', 'excerpt'],
    'menu_icon' => 'dashicons-book',
    'show_in_rest' => true,  // Enable for RTC
]);

// Register meta with REST API for collaboration
register_post_meta('book', 'isbn', [
    'type' => 'string',
    'single' => true,
    'show_in_rest' => true,
    'sanitize_callback' => 'sanitize_text_field',
]);
```

### Custom REST API Endpoint
```php
add_action('rest_api_init', function() {
    register_rest_route('myplugin/v1', '/books', [
        'methods' => 'GET',
        'callback' => 'get_books',
        'permission_callback' => '__return_true',
    ]);
});
```

### WordPress 7.0 AI Connector Usage
```php
// Auto-generate post excerpt with AI
add_action('save_post', function($post_id, $post) {
    if (wp_is_post_autosave($post_id) || wp_is_post_revision($post_id)) {
        return;
    }
    
    // Skip if excerpt already exists
    if (!empty($post->post_excerpt)) {
        return;
    }
    
    $content = strip_tags($post->post_content);
    if (empty($content)) {
        return;
    }
    
    // Check if AI client is available
    if (!function_exists('wp_ai_client_prompt')) {
        return;
    }
    
    // Build prompt with input
    $result = wp_ai_client_prompt(
        'Create a brief 2-sentence summary of this content: ' . substr($content, 0, 1000)
    );
    
    if (is_wp_error($result)) {
        return; // Silently fail - don't block post saving
    }
    
    // Use temperature for consistent output
    $result->using_temperature(0.3);
    $summary = $result->generate_text();
    
    if ($summary && !is_wp_error($summary)) {
        wp_update_post([
            'ID' => $post_id,
            'post_excerpt' => sanitize_textarea_field($summary)
        ]);
    }
}, 10, 2);
```

### PHP-Only Block Registration (WordPress 7.0)
```php
// Register block entirely in PHP
register_block_type('my-plugin/hello-world', [
    'render_callback' => function($attributes, $content) {
        return '<p class="hello-world">Hello, World!</p>';
    },
    'attributes' => [
        'message' => ['type' => 'string', 'default' => 'Hello!']
    ],
]);
```

### Abilities API Registration
```php
// Register ability category on correct hook
add_action('wp_abilities_api_categories_init', function() {
    wp_register_ability_category('content-creation', [
        'label' => __('Content Creation', 'my-plugin'),
        'description' => __('Abilities for generating and managing content', 'my-plugin'),
    ]);
});

// Register abilities on correct hook
add_action('wp_abilities_api_init', function() {
    wp_register_ability('my-plugin/generate-summary', [
        'label' => __('Generate Post Summary', 'my-plugin'),
        'description' => __('Creates an AI-powered summary of a post', 'my-plugin'),
        'category' => 'content-creation',
        'input_schema' => [
            'type' => 'object',
            'properties' => [
                'post_id' => ['type' => 'integer', 'description' => 'The post ID to summarize']
            ],
            'required' => ['post_id']
        ],
        'output_schema' => [
            'type' => 'object',
            'properties' => [
                'summary' => ['type' => 'string', 'description' => 'The generated summary']
            ]
        ],
        'execute_callback' => 'my_plugin_generate_summary_handler',
        'permission_callback' => function() {
            return current_user_can('edit_posts');
        }
    ]);
});

// Handler function for the ability
function my_plugin_generate_summary_handler($input) {
    $post_id = isset($input['post_id']) ? absint($input['post_id']) : 0;
    $post = get_post($post_id);
    
    if (!$post) {
        return new WP_Error('invalid_post', 'Post not found');
    }
    
    $content = strip_tags($post->post_content);
    if (empty($content)) {
        return ['summary' => ''];
    }
    
    if (!function_exists('wp_ai_client_prompt')) {
        return new WP_Error('ai_unavailable', 'AI client not available');
    }
    
    $result = wp_ai_client_prompt('Summarize in 2 sentences: ' . substr($content, 0, 1000))
        ->using_temperature(0.3)
        ->generate_text();
    
    if (is_wp_error($result)) {
        return $result;
    }
    
    return ['summary' => sanitize_textarea_field($result)];
}
```

### WooCommerce Custom Product Type
```php
add_action('init', function() {
    class WC_Product_Custom extends WC_Product {
        // Custom product implementation
    }
});
```

## Quality Gates

Before moving to next phase, verify:
- [ ] All custom code tested
- [ ] Security scan passed
- [ ] Performance targets met
- [ ] Cross-browser tested
- [ ] Mobile responsive verified
- [ ] Accessibility checked (WCAG 2.1)
- [ ] WordPress 7.0 compatibility verified (for new projects)

## Related Workflow Bundles

- `development` - General web development
- `security-audit` - Security testing
- `testing-qa` - Testing workflow
- `ecommerce` - E-commerce development

(End of file - total 440 lines)

## Limitations
- Use this skill only when the task clearly matches the scope described above.
- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.
- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.

SKILL.md

raw
元数据
namewordpress
descriptionComplete WordPress development workflow covering theme development, plugin creation, WooCommerce integration, performance optimization, and security hardening. Includes WordPress 7.0 features: Real-Time Collaboration, AI Connectors, Abilities API, DataViews, and PHP-only blocks.
categoryworkflow-bundle
risksafe
sourcepersonal
date_added2026-02-27

WordPress 开发工作流套装

概述

全面的 WordPress 开发工作流,涵盖主题开发、插件创建、WooCommerce 集成、性能优化和安全。本套装编排了用于构建生产就绪型 WordPress 站点和应用的各项技能。

WordPress 7.0 特性(向下兼容)

WordPress 7.0(2026 年 4 月 9 日发布)带来了重要新特性,同时保持向下兼容:

实时协作(RTC)

  • 多个用户可通过 Yjs CRDT 同时编辑
  • 提供 HTTP 轮询提供程序(可通过 WP_COLLABORATION_MAX_USERS 配置)
  • 可通过 sync.providers 过滤器实现自定义传输
  • 向下兼容:检测到旧版元框时回退到文章锁定机制

AI 连接器 API

  • 核心中提供与提供商无关的 AI 接口(wp_ai_client_prompt()
  • 设置 > 连接器,用于集中管理 API 凭据
  • 官方提供商:OpenAI、Anthropic Claude、Google Gemini
  • 向下兼容:可通过插件在 WordPress 6.9+ 上使用

能力 API(7.0 中稳定)

  • 标准化的能力声明系统
  • REST API 端点:/wp-json/abilities/v1/manifest
  • 用于 AI 代理集成的 MCP 适配器
  • 向下兼容:可作为 Composer 包在 6.x 中使用

DataViews 与 DataForm

  • 在文章、页面、媒体等界面中替代 WP_List_Table
  • 新增布局:表格、网格、列表、活动
  • 客户端验证(pattern、minLength、maxLength、min、max)
  • 向下兼容:使用旧钩子的插件仍可正常工作

纯 PHP 区块注册

  • 无需 JavaScript,完全通过 PHP 注册区块
  • 自动生成检查器控件
  • 向下兼容:现有 JS 区块继续有效

交互性 API 更新

  • watch() 替代了 @preact/signals 中的 effect
  • 状态导航变更
  • 向下兼容:旧语法已废弃但仍可用

管理后台刷新

  • 新的默认配色方案
  • 管理界面间的视图过渡
  • 向下兼容:CSS 层面的变化,无破坏性变动

模式编辑

  • 未同步模式默认启用仅内容模式
  • disableContentOnlyForUnsyncedPatterns 设置
  • 向下兼容:现有模式正常工作

何时使用本工作流

在以下场景使用本工作流:

  • 构建新的 WordPress 网站
  • 创建自定义主题
  • 开发 WordPress 插件
  • 搭建 WooCommerce 商店
  • 优化 WordPress 性能
  • 加强 WordPress 安全
  • 实现 WordPress 7.0 特性(RTC、AI、DataViews)

工作流阶段

第一阶段:WordPress 搭建

需调用的技能

  • app-builder - 项目脚手架
  • environment-setup-guide - 开发环境

操作步骤

  1. 搭建本地开发环境(LocalWP、Docker 或 Valet)
  2. 安装 WordPress(推荐 7.0 及以上版本用于新项目)
  3. 配置开发数据库
  4. 设置版本控制
  5. 配置开发环境的 wp-config.php

WordPress 7.0 配置

php
// wp-config.php - 协作设置
define('WP_COLLABORATION_MAX_USERS', 5);

// 通过安装提供商插件来启用 AI 连接器
// (例如 OpenAI、Anthropic Claude 或 Google Gemini 连接器)
// 无需定义常量 - 通过后台 设置 > 连接器 进行配置

复制粘贴提示

text
使用 @app-builder 为新的 WordPress 项目搭建现代化工具链脚手架

第二阶段:主题开发

需调用的技能

  • frontend-developer - 组件开发
  • frontend-design - UI 实现
  • tailwind-patterns - 样式
  • web-performance-optimization - 性能

操作步骤

  1. 设计主题架构
  2. 创建主题文件(style.css、functions.php、index.php)
  3. 实现模板层次结构
  4. 创建自定义页面模板
  5. 添加自定义文章类型和分类法
  6. 实现主题定制选项
  7. 添加响应式设计
  8. 使用 WordPress 7.0 管理界面刷新进行测试

WordPress 7.0 主题注意事项

  • 区块 API v3 现引用模型
  • theme.json 支持伪元素
  • 全局样式自定义 CSS 遵循区块定义的选择器
  • 管理界面导航的视图过渡

主题目录结构

text
theme-name/
├── style.css
├── functions.php
├── index.php
├── header.php
├── footer.php
├── sidebar.php
├── single.php
├── page.php
├── archive.php
├── search.php
├── 404.php
├── template-parts/
├── inc/
├── assets/
│   ├── css/
│   ├── js/
│   └── images/
└── languages/

复制粘贴提示

text
使用 @frontend-developer 创建带有 React 组件的自定义 WordPress 主题
text
使用 @tailwind-patterns 为 WordPress 主题编写现代化 CSS 样式

第三阶段:插件开发

需调用的技能

  • backend-dev-guidelines - 后端标准
  • api-design-principles - API 设计
  • auth-implementation-patterns - 认证

操作步骤

  1. 设计插件架构
  2. 创建插件模板代码
  3. 实现钩子(动作和过滤器)
  4. 创建管理界面
  5. 添加自定义数据库表
  6. 实现 REST API 端点
  7. 添加设置和选项页面

WordPress 7.0 插件注意事项

  • RTC 兼容:注册文章元数据时需设置 show_in_rest => true
  • AI 集成:使用 wp_ai_client_prompt() 实现 AI 功能
  • DataViews:考虑新的管理界面模式
  • 元框:迁移至基于区块的 UI 以支持协作

兼容 RTC 的文章元数据注册

php
register_post_meta('post', 'custom_field', [
    'type' => 'string',
    'single' => true,
    'show_in_rest' => true,  // RTC 所必需
    'sanitize_callback' => 'sanitize_text_field',
]);

AI 连接器示例

php
// 使用 WordPress 7.0 AI 连接器
// 注意:需要安装并配置 AI 提供商插件(OpenAI、Claude 或 Gemini)

// 基本文本生成
$response = wp_ai_client_prompt('Summarize this content.')
    ->generate_text();

// 使用温度参数获得确定性输出
$response = wp_ai_client_prompt('Summarize this content.')
    ->using_temperature(0.2)
    ->generate_text();

// 指定模型偏好(按列表顺序尝试第一个可用模型)
$response = wp_ai_client_prompt('Summarize this content.')
    ->using_model_preference('gpt-4', 'claude-3-opus', 'gemini-2-pro')
    ->generate_text();

// JSON 结构化输出
$schema = [
    'type' => 'object',
    'properties' => [
        'summary' => ['type' => 'string'],
        'keywords' => ['type' => 'array', 'items' => ['type' => 'string']]
    ],
    'required' => ['summary']
];
$response = wp_ai_client_prompt('Analyze this content and return JSON.')
    ->using_system_instruction('You are a content analyzer.')
    ->as_json_response($schema)
    ->generate_text();

插件目录结构

text
plugin-name/
├── plugin-name.php
├── includes/
│   ├── class-plugin-activator.php
│   ├── class-plugin-deactivator.php
│   ├── class-plugin-loader.php
│   └── class-plugin.php
├── admin/
│   ├── class-plugin-admin.php
│   ├── css/
│   └── js/
├── public/
│   ├── class-plugin-public.php
│   ├── css/
│   └── js/
└── languages/

复制粘贴提示

text
使用 @backend-dev-guidelines 创建具有合理架构的 WordPress 插件

第四阶段:WooCommerce 集成

需调用的技能

  • payment-integration - 支付处理
  • stripe-integration - Stripe 支付
  • billing-automation - 计费工作流

操作步骤

  1. 安装并配置 WooCommerce
  2. 创建自定义产品类型
  3. 自定义结账流程
  4. 集成支付网关
  5. 设置配送方式
  6. 创建自定义订单状态
  7. 实现订阅产品
  8. 添加自定义邮件模板

WordPress 7.0 + WooCommerce 注意事项

  • 使用新的管理界面测试结账流程
  • 利用 AI 连接器生成产品描述
  • 使用 DataViews 管理订单界面
  • RTC 用于协作编辑订单

复制粘贴提示

text
使用 @payment-integration 为 WooCommerce 集成 Stripe 支付
text
使用 @billing-automation 在 WooCommerce 中创建订阅产品

第五阶段:性能优化

需调用的技能

  • web-performance-optimization - 性能优化
  • database-optimizer - 数据库优化

操作步骤

  1. 实现缓存(对象、页面、浏览器)
  2. 优化图片(懒加载、WebP)
  3. 压缩与合并静态资源
  4. 启用 CDN
  5. 优化数据库查询
  6. 实现懒加载
  7. 配置 OPcache
  8. 配置 Redis/Memcached

WordPress 7.0 性能

  • 客户端媒体处理
  • 所有主题均可使用字体库
  • 响应式网格区块优化
  • 视图过渡降低感知加载时间

性能检查清单

  • 页面加载时间 < 3 秒
  • 首字节时间 < 200 ms
  • 最大内容绘制 < 2.5 秒
  • 累计布局偏移 < 0.1
  • 首次输入延迟 < 100 ms

复制粘贴提示

text
使用 @web-performance-optimization 审计并改善 WordPress 性能

第六阶段:安全加固

需调用的技能

  • security-auditor - 安全审计
  • wordpress-penetration-testing - WordPress 安全测试
  • sast-configuration - 静态分析

操作步骤

  1. 更新 WordPress 核心、主题、插件
  2. 实施安全头
  3. 配置文件权限
  4. 设置防火墙规则
  5. 启用双因素认证
  6. 实施速率限制
  7. 配置安全日志
  8. 设置恶意软件扫描

WordPress 7.0 安全注意事项

  • 最低 PHP 版本要求 7.4(不再支持 7.2/7.3)
  • 测试能力 API 的权限边界
  • 验证协作数据隔离
  • AI 连接器凭据安全

安全检查清单

  • WordPress 核心已更新(推荐 7.0+)
  • 所有插件和主题已更新
  • 强制使用强密码
  • 已启用双因素认证
  • 已配置安全头
  • XML-RPC 已禁用或受保护
  • 文件编辑已禁用
  • 数据库前缀已更改
  • 已配置定期备份

复制粘贴提示

text
使用 @wordpress-penetration-testing 审计 WordPress 安全
text
使用 @security-auditor 执行全面安全审查

第七阶段:测试

需调用的技能

  • test-automator - 测试自动化
  • playwright-skill - 端到端测试
  • webapp-testing - Web 应用测试

操作步骤

  1. 为自定义代码编写单元测试
  2. 创建集成测试
  3. 设置端到端测试
  4. 测试跨浏览器兼容性
  5. 测试响应式设计
  6. 性能测试
  7. 安全测试

WordPress 7.0 测试优先级

  • 使用 iframed 文章编辑器进行测试
  • 验证 DataViews 集成
  • 测试协作(RTC)工作流
  • 验证 AI 连接器功能
  • 使用 watch() 测试交互性 API

复制粘贴提示

text
使用 @playwright-skill 为 WordPress 网站创建端到端测试

第八阶段:部署

需调用的技能

  • deployment-engineer - 部署
  • cicd-automation-workflow-automate - CI/CD
  • github-actions-templates - GitHub Actions

操作步骤

  1. 设置预发环境
  2. 配置部署流水线
  3. 设置数据库迁移
  4. 配置环境变量
  5. 部署期间启用维护模式
  6. 部署至生产环境
  7. 验证部署
  8. 部署后监控

复制粘贴提示

text
使用 @deployment-engineer 设置 WordPress 部署流水线

WordPress 特定工作流

自定义文章类型开发(RTC 兼容)

php
register_post_type('book', [
    'labels' => [...],
    'public' => true,
    'has_archive' => true,
    'supports' => ['title', 'editor', 'thumbnail', 'excerpt'],
    'menu_icon' => 'dashicons-book',
    'show_in_rest' => true,  // 为 RTC 启用
]);

// 注册元数据并将其暴露给 REST API 以支持协作
register_post_meta('book', 'isbn', [
    'type' => 'string',
    'single' => true,
    'show_in_rest' => true,
    'sanitize_callback' => 'sanitize_text_field',
]);

自定义 REST API 端点

php
add_action('rest_api_init', function() {
    register_rest_route('myplugin/v1', '/books', [
        'methods' => 'GET',
        'callback' => 'get_books',
        'permission_callback' => '__return_true',
    ]);
});

WordPress 7.0 AI 连接器用法

php
// 使用 AI 自动生成文章摘要
add_action('save_post', function($post_id, $post) {
    if (wp_is_post_autosave($post_id) || wp_is_post_revision($post_id)) {
        return;
    }
    
    // 如果已有摘要则跳过
    if (!empty($post->post_excerpt)) {
        return;
    }
    
    $content = strip_tags($post->post_content);
    if (empty($content)) {
        return;
    }
    
    // 检查 AI 客户端是否可用
    if (!function_exists('wp_ai_client_prompt')) {
        return;
    }
    
    // 构建包含输入的提示词
    $result = wp_ai_client_prompt(
        '为以下内容创建一个简短的两句话摘要:' . substr($content, 0, 1000)
    );
    
    if (is_wp_error($result)) {
        return; // 静默失败 - 不阻塞文章保存
    }
    
    // 使用温度参数获得稳定的输出
    $result->using_temperature(0.3);
    $summary = $result->generate_text();
    
    if ($summary && !is_wp_error($summary)) {
        wp_update_post([
            'ID' => $post_id,
            'post_excerpt' => sanitize_textarea_field($summary)
        ]);
    }
}, 10, 2);

纯 PHP 区块注册(WordPress 7.0)

php
// 完全通过 PHP 注册区块
register_block_type('my-plugin/hello-world', [
    'render_callback' => function($attributes, $content) {
        return '<p class="hello-world">Hello, World!</p>';
    },
    'attributes' => [
        'message' => ['type' => 'string', 'default' => 'Hello!']
    ],
]);

能力 API 注册

php
// 在正确的钩子上注册能力分类
add_action('wp_abilities_api_categories_init', function() {
    wp_register_ability_category('content-creation', [
        'label' => __('内容创作', 'my-plugin'),
        'description' => __('生成和管理内容的能力', 'my-plugin'),
    ]);
});

// 在正确的钩子上注册能力
add_action('wp_abilities_api_init', function() {
    wp_register_ability('my-plugin/generate-summary', [
        'label' => __('生成文章摘要', 'my-plugin'),
        'description' => __('为文章创建 AI 驱动的摘要', 'my-plugin'),
        'category' => 'content-creation',
        'input_schema' => [
            'type' => 'object',
            'properties' => [
                'post_id' => ['type' => 'integer', 'description' => '要生成摘要的文章 ID']
            ],
            'required' => ['post_id']
        ],
        'output_schema' => [
            'type' => 'object',
            'properties' => [
                'summary' => ['type' => 'string', 'description' => '生成的摘要']
            ]
        ],
        'execute_callback' => 'my_plugin_generate_summary_handler',
        'permission_callback' => function() {
            return current_user_can('edit_posts');
        }
    ]);
});

// 能力对应的处理函数
function my_plugin_generate_summary_handler($input) {
    $post_id = isset($input['post_id']) ? absint($input['post_id']) : 0;
    $post = get_post($post_id);
    
    if (!$post) {
        return new WP_Error('invalid_post', '文章未找到');
    }
    
    $content = strip_tags($post->post_content);
    if (empty($content)) {
        return ['summary' => ''];
    }
    
    if (!function_exists('wp_ai_client_prompt')) {
        return new WP_Error('ai_unavailable', 'AI 客户端不可用');
    }
    
    $result = wp_ai_client_prompt('用两句话总结: ' . substr($content, 0, 1000))
        ->using_temperature(0.3)
        ->generate_text();
    
    if (is_wp_error($result)) {
        return $result;
    }
    
    return ['summary' => sanitize_textarea_field($result)];
}

WooCommerce 自定义产品类型

php
add_action('init', function() {
    class WC_Product_Custom extends WC_Product {
        // 自定义产品实现
    }
});

质量关卡

在进入下一阶段前,请确认:

  • 所有自定义代码已测试
  • 安全扫描已通过
  • 性能目标已达成
  • 跨浏览器测试已通过
  • 移动端响应式已验证
  • 无障碍性检查已通过(WCAG 2.1)
  • WordPress 7.0 兼容性已验证(针对新项目)

相关工作流套装

  • development - 通用 Web 开发
  • security-audit - 安全测试
  • testing-qa - 测试工作流
  • ecommerce - 电商开发

(文件结束 - 共 440 行)

限制说明

  • 仅当任务明确属于上述范围时使用此技能。
  • 请勿将输出视为特定环境验证、测试或专家审查的替代。
  • 当缺少必要的输入、权限、安全边界或成功标准时,应暂停并请求澄清。