Governed ability
Update site settings
aafm/update-site-settings Guarded write
Write a small allowlist of site settings, passed as a settings object whose keys are the setting names and values the new values. Accepted keys: blogname (site name), blogdescription (tagline), timezone_string, date_format, time_format, start_of_week (0-6), posts_per_page (1-100). String values are sanitized; the two integer settings are clamped into their legal ranges. Any unrecognized key rejects the entire call with nothing written. It can never change the site URL, admin email, default role, or open registration. Requires manage-options. Off by default.
How it is governed
The same model as every ability in the plugin, stated for this one.
- Off until you enable it
Like every ability, Update site settings ships switched off. You turn it on one at a time, and an update never widens access on its own.
- Guarded write
Writes stay conservative, and the plugin re-checks the capability before the call runs.
- Capability gated
A connection only sees Update site settings if the user you connected can run it, and the plugin checks that capability again before it executes.
- Every call audited
The call is written to the log in your own database, denials included, with the argument keys but never the values.
- It can delete
This ability can delete. Where WordPress supports it, items go to Trash and can be restored, and the last administrator can never be removed.
See it in action
An illustrative run. Your real calls and data stay on your own site.
Try it with a prompt
Example requests you could paste to your agent.
Change the site tagline to Fresh ideas every week.
Set the site timezone to Europe/London and the time format to 24 hour.
Update the posts per page setting to 12.
These are illustrative example prompts. The agent runs them as the user you connected, checked against that user's capabilities and written to your audit log.
Frequently asked
Short answers for Update site settings.
Which settings can it change?
Only an allowlist: site name, tagline, timezone, date format, time format, week start (0 to 6), and posts per page (1 to 100). String values are sanitized and the integer settings are clamped into their legal ranges.
Can it change the site URL or admin email?
No. It can never touch the site URL, admin email, default role, or open registration. Those are outside the allowlist by construction.
What happens if one key is unrecognized?
The entire call is rejected and nothing is written. The ability requires manage-options, is off by default, and every call is audited.
Governed by default, from the first call.
Update site settings is off until you enable it, scoped to the user you connect, and logged like everything else. Turn on only what you need.
Every ability off until you enable it, capability-gated on every call.