rahlplx/wp-arsenal — reverse-engineered prompt

Build me a WordPress security and recovery toolkit I can use on pretty much any hosting provider through SSH. I want one simple config file where I enter the site details once, then I can run scripts to do a quick malware check, a deeper forensic audit, safe cleanup with a dry run first, evidence collection for hacked sites, and basic repair jobs like restoring WordPress core, bringing back missing plugins, fixing Elementor rendering, and correcting file permissions.

It should also help harden a site by turning off risky WordPress features, blocking PHP in uploads, tightening login access by IP or country, and adding always on must use plugin protections like login monitoring, honeypots, and IP blocking. Please make it feel agent friendly too, with reusable skills or guided workflows for things like incident response and recurring audits.

Keep it config driven, reusable for multiple sites, and easy to install. Add sensible docs and examples, and look up current WordPress and hosting best practices online if you need to.