In the Cloud library, every public Code Snippet now includes an AI snippet verification score, which can be found right below the code editor.
How the AI Verification Score Works
This score is automatically calculated via our AI model, and automatically performs a number of checks on the snippet. By default, you will see an average snippet score, but you can expand the panel for a full breakdown of individual benchmarks like:
- Style
- Checks: indentation, spacing, naming conventions, readability, inline comments, adherence to WP/PSR coding standards.
- Positive example: modern PHP syntax, type hints, descriptive variable names.
- Negative example: inconsistent spacing, unclear variable names, no comments.
- Security
- Checks: data sanitization/escaping, nonce usage, capability checks, SQL/XSS prevention.
- Positive:
sanitize_text_field(),esc_html(),current_user_can(). - Negative: raw database queries with unescaped variables, missing
wp_nonce_*checks.
- Performance
- Checks: algorithmic efficiency, query optimization, memory usage, async/deferred script loading.
- Positive: caching with
wp_cache_*, avoiding queries in loops. - Negative: heavy loops, redundant API calls, synchronous blocking JS.
- Compatibility
- Checks: use of WordPress core APIs, compatibility with PHP ≥ 7.4, vanilla JS (no theme-dependent code).
- Positive:
add_action(),wp_enqueue_script()with WP hooks. - Negative: reliance on non-core functions, deprecated APIs, hardcoded theme paths.
Evaluation Chart
| Score | Meaning | Notes |
|---|---|---|
| [ 1 ] | Severe issues | Likely to break functionality, pose major security risks, or be unreadable. |
| [ 2 ] | Many issues | Poor practices across multiple areas; significant refactoring is suggested. |
| [ 3 ] | Minor issues | Works but has some notable improvement opportunities. |
| [ 4 ] | Acceptable | Well-written but slightly improvable. |
| [ 5 ] | Exemplary | Meets or exceeds modern best practices. |
Each evaluation axis receives a score from 1 (severe issues) to 5 (exemplary practices), helping you identify where a snippet excels or where it might need improvement.
Behind the Scenes: Best-Practice Benchmarks
The AI-based verification draws from a rich knowledge base, including:
- OWASP Top 10 Security Guidelines : Industry-wide standards for secure coding that help prevent the most common web security risks.
- WordPress Plugin Handbook: Security : Provides actionable advice for building robust, secure WordPress extensions.
- WordPress Performance Optimization Best Practices : Promotes snappy, efficient code without unnecessary database or memory overhead.
- WordPress Coding Standards (PHP & JavaScript) : Ensures clarity and consistency in WordPress environments through standardized PHP and JS style rules.
- WordPress Core APIs & Hooks Reference : Verifies that snippets follow recommended integration points, maximizing compatibility and future-proofing.
- JavaScript Best Practices by WordPress: WordPress-specific best practices for writing maintainable, reliable JavaScript in themes, plugins and snippets.
- MDN Web Docs – JavaScript Guide : Canonical reference for writing clean, efficient, modern vanilla JavaScript.
- Plain PHP Coding Standards by Drupal : Well-established PHP code style guidelines applicable to any project, including WordPress.
- PHP-FIG PSR-12: Extended Coding Style Guide : The industry standard for PHP code style and interoperability.
The output is a clear, actionable report to help you confidently review and maintain snippets.
Using the AI Score in Your Workflow
When you select a snippet from the Cloud library, check the AI verification score beneath the editor. For deeper insights, expand the score panel to see Style, Security, Performance, and Compatibility ratings along with helpful notes on what’s working well or what could be improved instead.
Note: The AI verification score can still miss some important security issues. Please always use snippets with caution, regardless of the indicated score.