Usage: php scripts/plugin-scan.php [--json] Runs the plugin-security-scan review checklist against a plugin directory on disk. Use it on your own plugin BEFORE opening a PR against src/plugins/approved-plugins.json — it catches the same issues the maintainers would catch during review. Exit codes: 0 — no errors 1 — at least one error 2 — invalid invocation Options: --json emit machine-readable JSON instead of the human report Examples: php scripts/plugin-scan.php src/plugins/community/my-plugin php scripts/plugin-scan.php --json src/plugins/community/my-plugin | jq