FAQ
Does the agent get admin access?
Section titled “Does the agent get admin access?”No. The agent authenticates as whatever WordPress user you bind it to. Point it at the dedicated low-privilege user the plugin can create for you, and it can only do what that user can do. Each ability also re-checks the user’s capability before it runs, so a connection can never call a tool its user is not allowed to use.
Is it safe to connect an AI agent to my WordPress site?
Section titled “Is it safe to connect an AI agent to my WordPress site?”Yes, when the connection is scoped, which is what this plugin is built around. The agent connects as a real, least-privilege WordPress user you choose, never an admin-equivalent key. Every ability is off until you enable it, each call re-checks the user’s capability before it runs, and every call is logged, denied attempts included. The plugin itself never holds an admin-equivalent key.
What can an agent actually do?
Section titled “What can an agent actually do?”Only the abilities you have enabled, and only within the bound user’s capabilities. The catalog is reads and guarded writes over posts, pages, terms, comments, media, post meta, and site structure, plus revision history and a search that spans every post type at once. There is no ability to change options arbitrarily, change roles, fetch a remote URL, or run code. An agent can only write post meta for keys an administrator has explicitly allowlisted, and protected, underscore-prefixed, and authentication keys can never be allowlisted. Deletes move content to Trash where the ability supports it, and the permanent ones are off by default and capability-gated.
Is it free?
Section titled “Is it free?”Yes. Agent Abilities for MCP is free on WordPress.org, with no paid tier, no API key to buy, and no usage limits added by the plugin.
Does it send my content to OpenAI, Anthropic, or Google?
Section titled “Does it send my content to OpenAI, Anthropic, or Google?”No. The plugin connects to no AI provider and makes no outbound requests of its own. Your own AI client connects in to your site and calls the abilities you have enabled. Whatever your AI client does with the results afterward is between you and whoever makes that client.
What is the difference between this and the WordPress REST API?
Section titled “What is the difference between this and the WordPress REST API?”The REST API exposes raw endpoints. MCP describes your site’s abilities as discoverable tools an AI agent can reason about and call, and this plugin wraps each one in a governance layer: off by default, capability-gated on every call, and logged. It is the same underlying WordPress, governed so an agent can drive it within the limits you set.
Is this the same as the WordPress Abilities API, or the official MCP Adapter?
Section titled “Is this the same as the WordPress Abilities API, or the official MCP Adapter?”It is built on both. WordPress 6.9 ships the Abilities API and the official MCP Adapter; Agent Abilities for MCP registers a curated, governed set of abilities on top of them rather than inventing its own protocol or transport. So there is no bespoke server to trust, and the plugin inherits the standard’s behavior. What it adds is the governance layer: the off-by-default catalog, the capability gating, the safety controls, and the audit log.
Which WordPress version do I need?
Section titled “Which WordPress version do I need?”WordPress 6.9 or newer, which is where the Abilities API and the official MCP Adapter the plugin builds on are available. PHP 8.0 or newer is required.
Which AI clients work?
Section titled “Which AI clients work?”Any MCP client that can reach your site’s endpoint. With OAuth you paste the
endpoint URL into the client and approve the connection once in the browser;
clients like Claude Desktop, Claude Code, Cursor, VS Code, Windsurf, and Gemini
CLI connect this way, some directly and some through the mcp-remote bridge that
runs on your own machine. You can also connect with an Application Password
instead of OAuth. The hosted ChatGPT and Gemini apps want a streamable HTTP or
SSE remote connector, which the underlying adapter does not serve natively yet.
Is there rate limiting?
Section titled “Is there rate limiting?”Yes. Set a per-minute cap on the Settings tab under “Rate limit (per minute)”. Each connection can make that many agent calls a minute, counted per agent user, and 0 turns the limit off. Calls over the cap are denied and logged on the Activity Log tab, so you can spot a connection that keeps hitting it.
What gets logged?
Section titled “What gets logged?”Every ability call, whether it started, succeeded, errored, or was denied, with the acting user, the ability name, and the argument keys. Argument values are never stored. The activity log lives in your own database and can be cleared from the admin screen.
How do I report a security issue?
Section titled “How do I report a security issue?”Please report security issues privately rather than in the support forum, so a fix can ship before details are public. Use the security contact listed on the plugin’s GitHub repository.