> browse/registry

> constant-time-analysis

Detects timing side-channel vulnerabilities in cryptographic code. Use when implementing or reviewing crypto code, encountering division on secrets, secret-dependent branches, or constant-time programming questions in C, C++, Go, Rust, Swift, Java, Kotlin, C#, PHP, JavaScript, TypeScript, Python, or Ruby.

> code-quality-standards

Guide for ensuring code quality and adherence to WordPress and WP Rig standards using linting and analysis tools.

> create-component

Step-by-step recipe for creating a new PHP component in WP Rig.

> ez-customizer

Guide for adding and managing WordPress Customizer settings via JSON configuration in WP Rig.

> php-filters

Guide for using custom PHP hooks and conventions in WP Rig to extend functionality.

> phpunit-testing

Guide for writing and running PHPUnit unit and integration tests for WP Rig theme components.

> wp-cli-ops

WordPress operations with WP-CLI — search-replace, plugin/theme management, cron, cache, DB export/import, automation. Always-active rules when using wp commands.

> wp-performance-backend

WordPress backend performance optimization — profiling, queries, object cache, autoload, cron, and remote HTTP. Always-active rules when investigating slowness issues.

> wp-plugin-development

WordPress plugin development — architecture, hooks, Settings API, security, data, and lifecycle. Always-active rules when working on plugins or mu-plugins.

> wp-rest-api

WordPress REST endpoint development and debugging. Always-active rules when working with REST routes, API authentication, or data exposure via JSON.

> wp-classic

Conventions for WordPress Bedrock projects with classic PHP theme (no Sage/Acorn/Blade). Always-active rules.

> wp-sage

Conventions for WordPress Bedrock + Sage + Acorn + Blade + Tailwind CSS 4 + Vite projects. Always-active rules.

> php-modernization

Use when upgrading to PHP 8.1+, implementing type safety, configuring PHPStan/Rector/PHP-CS-Fixer, or modernizing PHP code with enums, DTOs, and readonly properties.

> laravel-api-resources-and-pagination

Use API Resources with pagination and conditional fields; keep response shapes stable and cache-friendly

> laravel-api

Build production-grade Laravel REST APIs using opinionated architecture patterns with Laravel best practices. Use when building, scaffoling, or reviewing Laravel APIs with specifications for stateless design, versioned endpoints, invokable controllers, Form Request DTOs, Action classes, JWT authentication, and PSR-12 code quality standards. Triggers on "build a Laravel API", "create Laravel endpoints", "add API authentication", "review Laravel API code", "refactor Laravel API", or "improve Larav

> laravel-config-env-storage

Portable storage configuration across S3/R2/MinIO with optional CDN—env toggles, path-style endpoints, and URL generation

> laravel-constants-and-configuration

Replace hardcoded values with constants, enums, and configuration for maintainability; use PHP 8.1+ enums and config files

> laravel-controller-cleanup

Reduce controller bloat using Form Requests for auth/validation, small Actions/Services with DTOs, and resource/single-action controllers

> laravel-controller-tests

Write focused controller tests using HTTP assertions; keep heavy logic in Actions/Services and unit test them

> laravel-custom-helpers

Create and register small, pure helper functions when they improve clarity; keep them organized and tested