Controlled sync starts before the import button.
The plugin uses WordPress capability checks, authenticated REST requests, application-password-style remote credentials, sanitized API responses, shared REST rate limiting, and safe deserialization paths for imported data. Combined with dry runs and a selected scope, those controls make site-to-site sync more predictable.