PluginProbe Bot

Technical documentation for the automated crawler that powers PluginProbe's plugin index and analysis pipeline.

User-Agent

All requests made by the PluginProbe crawler include the following User-Agent header:

                PluginProbe/1.0 (+https://pluginprobe.com)
            

What is excluded from analysis

The analysis scanner skips directories and files that are not plugin-authored PHP code, to reduce noise and processing time:

vendor/ (Composer dependencies)

node_modules/ (npm dependencies)

freemius/ (bundled SDK)

libraries/, library/, libs/ (third-party)

tests/, test/, spec/, specs/

dist/, build/ (compiled assets)

languages/ (translation files)

docs/, documentation/

.git/ (version control)

*.min.php (minified PHP)

Data and privacy

PluginProbe only accesses data that is already publicly available through official WordPress.org APIs and download servers. No authentication is required, and no private or unpublished plugin data is ever accessed or stored.

Plugin ZIP archives are downloaded solely for the purpose of analysis. After analysis completes, the ZIP and extracted files are deleted from disk immediately. Only the analysis results (finding severity, file path, line number, sniff identifier) are stored in the database.

If you have concerns about how your plugin is represented on PluginProbe, contact us via the feedback link in the footer.

Analysis types Browse plugins