About WP Plugin Insights

About WP Plugin Insight

WP Plugin Insight is an AI-assisted platform that analyzes WordPress plugins at the code level to provide objective insights into quality, compatibility, security, and long-term maintainability. Instead of relying on developer-declared metadata, it scans real plugin code to detect deprecated APIs, risky patterns, PHP and WordPress version requirements, internationalization readiness, external connections, and other hidden behaviors.

Beyond analysis, WP Plugin Insight powers an alternative, user-centric plugin discovery experience. Plugins can be searched and filtered by real technical criteria — such as PHP 8.3 compatibility, absence of deprecated APIs, or translation completeness — and ranked by composite quality signals rather than download counts alone.

History

WP Plugin Insight was born at the CloudFest Hackathon 2026 (March 20–22, 2026), held at Europa-Park in Rust, Germany. In 48 hours, a cross-discipline team spanning PHP, AI/LLM, static analysis, search engineering, frontend, DevOps, and security built a working MVP of the full analysis pipeline.

The hackathon delivered:

  • A working plugin analysis engine detecting quality, compatibility, and deprecated API usage
  • Automatic inference of minimum required PHP and WordPress versions from real code
  • Human-readable analysis reports with structured JSON output
  • A REST API for plugin submission and report retrieval
  • A live AI-assisted capability for natural-language plugin queries

The project is led by Marko Heijnen (Senior Software Engineer, Jamf) and Javier Casares (SysAdmin, ROBOTSTXT.es), with mentorship from Lucas Radke.

Beyond the Hackathon

WP Plugin Insight does not end with CloudFest 2026. Development continues as an open initiative to build trustworthy, code-verified plugin intelligence for the WordPress ecosystem. The architecture is built around independent, composable analysis runners — each responsible for one concern — making it straightforward to extend with new checks and integrations over time.

The source code is available at github.com/wp-plugin-insights.

Grading methodology

Each plugin is evaluated per dimension. The overall grade reflects the lowest individual dimension score, weighted by severity.

Grade Meaning
A Excellent — no significant issues
B Good — minor issues only
C Acceptable — some concerns worth reviewing
D Poor — significant issues present
F Failing — critical issues or abandoned plugin

Analysis dimensions

  • Compatibility & Requirements — WordPress and PHP version compatibility, last update date.
  • Security — Known CVEs from WPScan / Patchstack / NVD, patch status.
  • Code Quality, Translations, Performance, Maintenance, License — coming in future phases.

Data sources

Team

The people behind WP Plugin Insight.

Co-Leads

Javier Casares

Javier Casares 🇪🇸

SysAdmin · ROBOTSTXT.es

LinkedIn GitHub
Marko Heijnen

Marko Heijnen 🇳🇱

Senior Software Engineer · Jamf

LinkedIn GitHub

CloudFest Hackathon 2026

Cyrille C.

Cyrille Coquard 🇫🇷

Marko Feldmann

Marko Feldmann 🇩🇪

Matthias Pfefferle

Matthias Pfefferle 🇩🇪

Erik Torsner

Erik Torsner 🇸🇪

Ralf Wiechers

Ralf Wiechers 🇳🇱

Contributors

WP Plugin Insight is an open project. See everyone who has contributed on GitHub:

View all contributors on GitHub

PluginInsight is not affiliated with WordPress.org, the WordPress Foundation, or Automattic.