NEW WordPress Abilities API + MCP Adapter Compatible

The AI Firewall
Your WordPress Site
Has Been Missing

Constitutional policy governance for WordPress MCP. Every AI agent action passes through a deterministic policy gate before touching your site. The AI doesn't decide. The gate enforces.

Download Free Plugin โ†’ See How It Works
WP 6.0+ Compatible
0ms Governance Overhead
100% Deterministic
<1ms Gate Evaluation
Zero LLM in Loop
PHP 8.1+ Native
aos-governance.php 
// AI agent attempts bulk deletion
WPG_PolicyGate::evaluate([
  'action'  => 'core/delete-posts',
  'args'    => ['count' => 847],
  'agent'   => 'claude-desktop',
]);

// โœ— DENIED โ€” Policy: no-bulk-delete
// "Bulk deletion of 10+ items
//  requires human approval"
//
// โœ“ Logged to immutable audit trail
// โœ“ Agent notified with reason
// โœ“ Zero items deleted
The Problem

WordPress Just Gave AI Agents
the Keys to Your Website

WordPress's MCP Adapter lets AI agents create posts, delete users, modify settings, and execute arbitrary abilities on your site. The only protection? A permission_callback that checks WordPress roles. That's not governance. That's a checkbox.

โš ๏ธ

No Policy Enforcement

WordPress checks if an agent can act, not whether it should. An admin-level AI agent can delete your entire site with a single MCP call.

๐Ÿ‘ป

Logging Without Enforcement

Monitoring tools can show you what MCP requests came in โ€” after the fact. But watching an agent delete 500 posts and having a log entry about it is not governance. You need a gate, not a dashcam.

๐ŸŽญ

No Constitutional Boundaries

There's no concept of "this agent should never do X regardless of permissions." WordPress trusts the role. AOS trusts the rules.

Features

Everything You Need to
Govern AI on WordPress

AOS Governance for WP is a drop-in plugin that wraps every MCP Ability in a constitutional policy gate. Install, activate, govern.

๐Ÿšง

Deterministic Policy Gates

Every AI agent action is evaluated against your policy rules before execution. No LLM in the governance loop โ€” pure deterministic logic. Sub-millisecond decisions.

Core
๐Ÿ“‹

Immutable Audit Log

Every action โ€” approved or denied โ€” is logged with full context: agent identity, action attempted, policy matched, timestamp, and outcome. Exportable and tamper-evident.

Core
๐Ÿ“œ

Pre-Built Policy Templates

Ship with battle-tested policies: no bulk deletion, no admin creation, no plugin installation, content moderation gates, and more. Activate with one click.

Core
๐Ÿ”ง

Visual Policy Builder

Create custom governance rules without writing code. Drag-and-drop conditions, actions, and outcomes. Export as JSON or PHP for version control.

Pro
๐Ÿ””

Real-Time Alerts

Instant webhook, email, or Slack notifications when a policy blocks an AI action. Know immediately when an agent tries something it shouldn't.

Pro
๐Ÿค–

Multi-Agent Support

Assign different policy profiles to different AI agents. Claude gets content creation privileges. GPT gets read-only. Custom agents get custom rules.

Pro
๐ŸŒ

Cross-Site Dashboard

Manage governance policies across all your WordPress sites from a single centralized dashboard. Push policy updates to 100 sites simultaneously.

Agency
๐Ÿ“Š

Compliance Reporting

Generate audit reports for HIPAA, SOC2, GDPR, and custom compliance frameworks. Prove your AI agents operated within policy at all times.

Agency
๐Ÿ”Œ

Native MCP Integration

Registers its own WordPress Abilities so AI agents can query governance state: check policies, read audit logs, and understand their boundaries natively via MCP.

Core
Why AOS

Monitoring Tells You What Happened.
Governance Decides What's Allowed.

WordPress already has audit logs. MCP now has request trackers. But none of them can stop an AI agent from acting. That's the gap AOS closes.

๐Ÿ“‹

Activity Logs

WP Activity Log, Simple History, etc.
  • Log admin/user actions
  • Track post edits & settings changes
  • No MCP/Abilities awareness
  • No agent identity tracking
  • No policy enforcement
  • No denial capability
  • No structured deny reasons
Records human activity. Blind to AI agents.
๐Ÿ“ก

MCP Trackers

MCP Tracker, similar monitoring plugins
  • Log MCP requests & responses
  • Filter by tool, user, date
  • Show request/response JSON
  • Cannot block or deny actions
  • No policy rules engine
  • No agent-level governance
  • No constitutional boundaries
Sees the request. Can't stop it.
๐Ÿ›ก๏ธ

AOS Governance for WP

Constitutional AI Governance
  • Full MCP request logging with context
  • Deterministic policy gate โ€” deny before execution
  • Per-agent governance profiles
  • Structured deny reasons returned to agent
  • Pre-flight policy check via MCP
  • Constitutional boundaries ("never do X")
  • Immutable, tamper-evident audit trail
The gate between AI intent and execution.

Other tools answer: "What did the agent do?" โ€” AOS answers: "Should the agent be allowed to do it?"

Architecture

How AOS Governance for WP Works

AOS injects a constitutional layer between WordPress's MCP Adapter and Ability execution. Zero modifications to core. Zero modifications to your plugins.

1

AI Agent Sends MCP Request

Claude, Cursor, or any MCP client calls a WordPress Ability (e.g., core/delete-posts)

โ†’
2

WordPress Permission Check

Standard permission_callback verifies the user role has the capability. This is where it normally stops.

โ†’
3

WPG Policy Gate NEW

Deterministic evaluation against your constitutional rules. Action, arguments, agent identity, and context are all assessed. No LLM. No ambiguity.

โ†’
4

Execute or Deny

Approved actions proceed normally. Denied actions return a structured error with the policy reason. Everything is logged immutably.

Without AOS โŒ 
// AI agent with admin role:
Agent: "Delete all posts tagged 'draft'"
WordPress: "Is user admin? Yes."
Result: 847 posts deleted โœ—
Audit: Nothing logged โœ—
Undo: Not possible โœ—
With AOS โœ“ 
// AI agent with admin role:
Agent: "Delete all posts tagged 'draft'"
WordPress: "Is user admin? Yes."
WPG Gate: "Policy no-bulk-delete triggered"
โ†’ DENIED: count 847 exceeds limit 10
โ†’ Logged with full context โœ“
โ†’ Alert sent to admin โœ“
โ†’ Zero posts deleted โœ“
Technical Specifications

Built for WordPress Developers

Requirements

  • WordPress: 6.0+ (Abilities API compatible when available)
  • PHP: 8.1+
  • MCP Adapter: 1.0+ (optional, enhances functionality)
  • WP-CLI: 2.9+ (for STDIO transport)

Performance

  • Gate Evaluation: <1ms per policy check
  • Memory Overhead: <2MB resident
  • Zero External Calls: No API calls, no LLM inference
  • Database: Single table for audit log, WP options for policies

Integration

  • Hook: wp_ability_pre_execute filter
  • Transport: STDIO + HTTP (SSE) compatible
  • AI Clients: Claude Desktop, Cursor, Windsurf, VS Code, custom
  • Export: JSON, CSV, PHP config, WP-CLI commands

Security

  • Architecture: Deterministic โ€” no LLM in governance loop
  • Audit Trail: Append-only, tamper-evident logging
  • Policy Format: JSON schema with versioning
  • Hardening: Production-approved by hostile auditor review

Registered AOS Abilities (MCP Tools)

AbilityTypeDescription
wpg/check-policyToolPre-flight check if an action is allowed by policy
wpg/audit-logResourceQuery the immutable audit trail with filters
wpg/active-policiesResourceList all active governance policies and rules
wpg/agent-profileResourceView the current agent's permissions and restrictions
wpg/report-generateToolGenerate compliance report for a date range
Pricing

Start Free. Scale When You Need To.

Every tier includes the deterministic policy engine. Upgrade for advanced features, multi-agent support, and cross-site governance.

๐Ÿ”ฅ Lifetime Deal โ€” Limited to 500 Licenses โ€” Lock in forever pricing before we switch to annual-only. Limited availability.

Community

Essential governance for personal sites

$0 forever
  • Deterministic Policy Gate engine
  • 5 pre-built policy templates
  • Basic audit log (7-day retention)
  • Single MCP server support
  • Email alerts (daily digest)
  • Visual Policy Builder
  • Multi-agent profiles
  • Real-time alerts (webhook/Slack)
  • Compliance reporting
  • Cross-site dashboard
Download Free Plugin (.zip)
Most Popular

Pro

Full governance for a single site

$99 /year
or $198 lifetime LIMITED
  • Everything in Community
  • Unlimited policy templates
  • 90-day audit log retention
  • Visual Policy Builder
  • Multi-agent profiles (up to 10)
  • Real-time alerts (webhook + Slack)
  • Custom policy import/export
  • Priority email support
  • Cross-site dashboard
  • Compliance reporting
Get Pro โ†’

14-day money-back guarantee

Govern AI across 10 sites

$299 /year
or $598 lifetime LIMITED
  • Everything in Pro
  • 10 agents & sites
  • 1 year audit log retention
  • Cross-site governance dashboard
  • Compliance reporting (HIPAA, SOC2, GDPR)
  • Multi-site support
  • Push policies to all sites
  • Priority support
Get Business โ†’

14-day money-back guarantee

FAQ

Common Questions

Does this replace WordPress's permission system?

No. AOS Governance for WP works on top of WordPress's existing role/capability system. WordPress checks if a user can do something. AOS checks if they should. Both must pass for an action to execute.

Does AOS use AI/LLM to make governance decisions?

Absolutely not. AOS is 100% deterministic. Policies are pattern-matched rules evaluated in sub-millisecond time. No AI model is consulted during governance โ€” that would defeat the purpose. The gate enforces. It doesn't think.

What happens if AOS blocks a legitimate action?

The agent receives a structured error with the exact policy name and reason. Your audit log records the denial. You can then adjust your policy rules through the visual builder or config files and the action will succeed on retry.

Will this slow down my site?

No. Policy evaluation adds less than 1ms per MCP call. AOS makes zero external API calls, zero LLM inferences, and uses a single lightweight database table. It's lighter than most analytics plugins.

Do I need the WordPress MCP Adapter?

AOS works with or without the MCP Adapter. If you have the Adapter installed, it automatically protects all Abilities exposed via MCP. Without it, AOS still governs any direct Ability calls via PHP or the REST API.

What's the Lifetime Deal?

We're offering a one-time payment option that gives you permanent access to Pro or Agency features with no recurring fees. This is limited to the first 500 licenses. Once they're gone, we switch to annual-only pricing.

Is this backed by patents?

Yes. AOS governance technology is protected by patent-pending filings covering deterministic policy gate architecture, constitutional AI enforcement, and agent governance infrastructure. View our evidence repository โ†’

Can I use this with Claude Desktop, Cursor, or other MCP clients?

Yes. AOS Governance for WP is transport-agnostic. It works with STDIO connections (local via WP-CLI) and HTTP connections (remote via the Automattic proxy). Any MCP-compliant client is supported.

How is this different from MCP Tracker or activity log plugins?

MCP Tracker and activity logs are monitoring tools โ€” they record what happened after the fact. AOS Governance for WP is a governance layer โ€” it evaluates policy before execution and blocks actions that violate your rules. Think of it this way: MCP Tracker is your security camera. AOS is your security guard. You want both, but only one can actually stop the intruder.

WordPress gave AI agents the keys.
AOS gives you the lock.

Install in 60 seconds. Start governing immediately. No configuration required for the default policy set.

Download Free Plugin โ†’ View on GitHub

Free forever for personal sites. Pro and Agency tiers for professionals.