NEW WordPress 6.9 Abilities API + MCP Adapter Compatible

The AI Firewall
Your WordPress Site
Has Been Missing

Constitutional policy governance for WordPress MCP. Every AI agent action passes through a deterministic policy gate before touching your site. The AI doesn't decide. The gate enforces.

Download Free Plugin โ†’ See How It Works
WP 6.9+ Compatible
0ms LLM Latency
100% Deterministic
<1ms Gate Evaluation
wp-governance.php 
// AI agent attempts bulk deletion
WPG_PolicyGate::evaluate([
  'action'  => 'core/delete-posts',
  'args'    => ['count' => 847],
  'agent'   => 'claude-desktop',
]);

// โœ— DENIED โ€” Policy: no-bulk-delete
// "Bulk deletion of 10+ items
//  requires human approval"
//
// โœ“ Logged to immutable audit trail
// โœ“ Agent notified with reason
// โœ“ Zero items deleted
The Problem

WordPress Just Gave AI Agents
the Keys to Your Website

WordPress 6.9's MCP Adapter lets AI agents create posts, delete users, modify settings, and execute arbitrary abilities on your site. The only protection? A permission_callback that checks WordPress roles. That's not governance. That's a checkbox.

โš ๏ธ

No Policy Enforcement

WordPress checks if an agent can act, not whether it should. An admin-level AI agent can delete your entire site with a single MCP call.

๐Ÿ‘ป

No MCP-Layer Audit Trail

WordPress core has no standardized audit trail for agent tool-calls at the MCP layer โ€” no record of intent, policy decisions, or why an agent modified 500 posts at 3 AM.

๐ŸŽญ

No Constitutional Boundaries

There's no concept of "this agent should never do X regardless of permissions." WordPress trusts the role. AOS trusts the rules.

Features

Everything You Need to
Govern AI on WordPress

AOS WP Governance is a drop-in plugin that wraps every MCP Ability in a constitutional policy gate. Install, activate, govern.

๐Ÿšง

Deterministic Policy Gates

Every AI agent action is evaluated against your policy rules before execution. No LLM in the governance loop โ€” pure deterministic logic. Sub-millisecond decisions.

Core
๐Ÿ“‹

Immutable Audit Log

Every action โ€” approved or denied โ€” is logged with full context: agent identity, action attempted, policy matched, timestamp, and outcome. Exportable and tamper-evident.

Core
๐Ÿ“œ

Pre-Built Policy Templates

Ship with battle-tested policies: no bulk deletion, no admin creation, no plugin installation, content moderation gates, and more. Activate with one click.

Core
๐Ÿ”ง

Visual Policy Builder

Create custom governance rules without writing code. Drag-and-drop conditions, actions, and outcomes. Export as JSON or PHP for version control.

Pro
๐Ÿ””

Real-Time Alerts

Instant webhook, email, or Slack notifications when a policy blocks an AI action. Know immediately when an agent tries something it shouldn't.

Pro
๐Ÿค–

Multi-Agent Support

Assign different policy profiles to different AI agents. Claude gets content creation privileges. GPT gets read-only. Custom agents get custom rules.

Pro
๐ŸŒ

Cross-Site Dashboard

Manage governance policies across all your WordPress sites from a single centralized dashboard. Push policy updates to 100 sites simultaneously.

Agency
๐Ÿ“Š

Compliance Reporting

Generate audit reports for HIPAA, SOC2, GDPR, and custom compliance frameworks. Prove your AI agents operated within policy at all times.

Agency
๐Ÿ”Œ

Native MCP Integration

Registers its own WordPress Abilities so AI agents can query governance state: check policies, read audit logs, and understand their boundaries natively via MCP.

Core
Architecture

How AOS WP Governance Works

AOS injects a constitutional layer between WordPress's MCP Adapter and Ability execution. Zero modifications to core. Zero modifications to your plugins.

1

AI Agent Sends MCP Request

Claude, Cursor, or any MCP client calls a WordPress Ability (e.g., core/delete-posts)

โ†’
2

WordPress Permission Check

Standard permission_callback verifies the user role has the capability. This is where it normally stops.

โ†’
3

WPG Policy Gate NEW

Deterministic evaluation against your constitutional rules. Action, arguments, agent identity, and context are all assessed. No LLM. No ambiguity.

โ†’
4

Execute or Deny

Approved actions proceed normally. Denied actions return a structured error with the policy reason. Everything is logged immutably.

Without AOS โŒ 
// AI agent with admin role:
Agent: "Delete all posts tagged 'draft'"
WordPress: "Is user admin? Yes."
Result: 847 posts deleted โœ—
Audit: Nothing logged โœ—
Undo: Not possible โœ—
With AOS โœ“ 
// AI agent with admin role:
Agent: "Delete all posts tagged 'draft'"
WordPress: "Is user admin? Yes."
WPG Gate: "Policy no-bulk-delete triggered"
โ†’ DENIED: count 847 exceeds limit 10
โ†’ Logged with full context โœ“
โ†’ Alert sent to admin โœ“
โ†’ Zero posts deleted โœ“
Technical Specifications

Built for WordPress Developers

Requirements

  • WordPress: 6.9+ (Abilities API required)
  • PHP: 8.1+
  • MCP Adapter: 1.0+ (optional, enhances functionality)
  • WP-CLI: 2.9+ (for STDIO transport)

Performance

  • Gate Evaluation: <1ms per policy check
  • Memory Overhead: <2MB resident
  • Zero External Calls: No API calls, no LLM inference
  • Database: Single table for audit log, WP options for policies

Integration

  • Hook: wp_ability_pre_execute filter
  • Transport: STDIO + HTTP (SSE) compatible
  • AI Clients: Claude Desktop, Cursor, Windsurf, VS Code, custom
  • Export: JSON, CSV, PHP config, WP-CLI commands

Security

  • Architecture: Deterministic โ€” no LLM in governance loop
  • Audit Trail: Append-only, tamper-evident logging
  • Policy Format: JSON schema with versioning
  • Hardening: Production-approved by hostile auditor review

Registered AOS Abilities (MCP Tools)

AbilityTypeDescription
wpg/check-policyToolPre-flight check if an action is allowed by policy
wpg/audit-logResourceQuery the immutable audit trail with filters
wpg/active-policiesResourceList all active governance policies and rules
wpg/agent-profileResourceView the current agent's permissions and restrictions
wpg/report-generateToolGenerate compliance report for a date range
Pricing

Start Free. Scale When You Need To.

Every tier includes the deterministic policy engine. Upgrade for advanced features, multi-agent support, and cross-site governance.

๐Ÿ”ฅ Lifetime Deal โ€” Limited to 200 Licenses โ€” Lock in forever pricing before we switch to annual-only. Limited availability.

Community

Essential governance for personal sites

$0 forever
  • Deterministic Policy Gate engine
  • 5 pre-built policy templates
  • Basic audit log (7-day retention)
  • Single MCP server support
  • Email alerts (daily digest)
  • Visual Policy Builder
  • Multi-agent profiles
  • Real-time alerts (webhook/Slack)
  • Compliance reporting
  • Cross-site dashboard
Download Free
Most Popular

Pro

Full governance for professional sites

$99 /year
or $249 lifetime SAVE 60%+
  • Everything in Community
  • Unlimited policy templates
  • 90-day audit log retention
  • Visual Policy Builder
  • Multi-agent profiles (up to 10)
  • Real-time alerts (webhook + Slack)
  • Custom policy import/export
  • Priority email support
  • Cross-site dashboard
  • Compliance reporting
Get Pro โ†’

14-day money-back guarantee

Agency

Govern AI across your entire portfolio

$299 /year
or $699 lifetime SAVE 60%+
  • Everything in Pro
  • Unlimited agents & sites
  • Unlimited audit log retention
  • Cross-site governance dashboard
  • Compliance reporting (HIPAA, SOC2, GDPR)
  • White-label option
  • Push policies to all sites
  • Priority support + onboarding call
  • Custom policy development
  • Early access to new features
Get Agency โ†’

14-day money-back guarantee

FAQ

Common Questions

Does this replace WordPress's permission system?

No. AOS WP Governance works on top of WordPress's existing role/capability system. WordPress checks if a user can do something. AOS checks if they should. Both must pass for an action to execute.

Does AOS use AI/LLM to make governance decisions?

Absolutely not. AOS is 100% deterministic. Policies are pattern-matched rules evaluated in sub-millisecond time. No AI model is consulted during governance โ€” that would defeat the purpose. The gate enforces. It doesn't think.

What happens if AOS blocks a legitimate action?

The agent receives a structured error with the exact policy name and reason. Your audit log records the denial. You can then adjust your policy rules through the visual builder or config files and the action will succeed on retry.

Will this slow down my site?

No. Policy evaluation adds less than 1ms per MCP call. AOS makes zero external API calls, zero LLM inferences, and uses a single lightweight database table. It's lighter than most analytics plugins.

Do I need the WordPress MCP Adapter?

AOS works with or without the MCP Adapter. If you have the Adapter installed, it automatically protects all Abilities exposed via MCP. Without it, AOS still governs any direct Ability calls via PHP or the REST API.

What's the Lifetime Deal?

We're offering a one-time payment option that gives you permanent access to Pro or Agency features with no recurring fees. This is limited to the first 200 licenses. Once they're gone, we switch to annual-only pricing.

Is this backed by patents?

Yes. AOS governance technology is protected by patent filings covering deterministic policy gate architecture, constitutional AI enforcement, and agent governance infrastructure. Verify our filings โ†’

Can I use this with Claude Desktop, Cursor, or other MCP clients?

Yes. AOS WP Governance is transport-agnostic. It works with STDIO connections (local via WP-CLI) and HTTP connections (remote via the Automattic proxy). Any MCP-compliant client is supported.

WordPress gave AI agents the keys.
AOS gives you the lock.

Install in 60 seconds. Start governing immediately. No configuration required for the default policy set.

Download Free Plugin โ†’ View on GitHub

Free forever for personal sites. Pro and Agency tiers for professionals.