48 posts tagged with "Agent"

drupal-entity-reference-integrity is a Drupal module focused on keeping entity references consistent across content. It aims to detect and prevent broken references when entities are deleted, updated, or otherwise changed, so related content doesn’t silently point to missing or invalid targets.

This is useful in content-heavy Drupal sites where references drive navigation, listings, or business logic. Integrity checks and cleanup reduce hard-to-debug edge cases and help keep editorial workflows dependable as content models evolve. If you want to explore the implementation, see View Code.

Technical takeaway: treat entity references as first-class data relationships. By enforcing validation or cleanup at the module level, you can keep reference integrity aligned with your content lifecycle, which makes downstream rendering and integrations more reliable.

References​

• View Code

I built drupal-gemini-ai-studio-provider as a Drupal integration that connects Google Gemini AI Studio to Drupal’s AI/provider ecosystem. In practice, it’s a provider module: it wires a Gemini-backed client into Drupal so other modules can invoke model capabilities through a consistent interface.

This is useful because it keeps AI usage centralized and configurable. Instead of hard-coding API calls in multiple places, you configure one provider and let Drupal features (or custom code) consume it. That keeps credentials, settings, and model choices in one spot and makes swapping providers or environments far less painful. View Code

Technical takeaway: a provider module should prioritize clean dependency injection, clear service definitions, and configuration defaults. When the provider is the only place that knows about the external API, you get a clean seam for testing, mocking, and future migrations.

View Code

Drupal GPT-5.3 Codex Maintenance PoC is a small proof-of-concept that explores how an agent can assist with routine Drupal maintenance tasks. From its name, this project likely focuses on using a codex-style agent to interpret maintenance intent and apply safe, repeatable changes in a Drupal codebase.

I find this useful because maintenance work is constant, easy to overlook, and expensive to do manually at scale. A focused PoC makes it easier to validate workflows like dependency updates, configuration checks, or basic cleanup without committing to a full platform build.

The key technical takeaway is that even a narrow, well-scoped agent can create leverage by standardizing maintenance logic and making it auditable. If the workflows are deterministic and the outputs are easy to review, teams can integrate this approach into CI without adding unpredictable risk.

View Code

View Code

drupal-cms-2-ai-agent-poc is a proof‑of‑concept that connects Drupal CMS to an AI agent workflow. From the name, I’m treating it as a focused bridge: a Drupal-side surface area that can invoke, coordinate, or integrate with agent logic for content or automation tasks.

Why it’s useful: Drupal teams often need repeatable, safe automation around content ops, migrations, or editorial workflows. A small POC like this is the right way to validate how agent-driven actions can plug into Drupal without over‑committing to a full platform redesign.

One technical takeaway: keep the integration seam narrow and explicit. A thin module or service layer that exposes a minimal API for agent tasks makes it easier to test, secure, and evolve over time—especially when agent behavior changes.

View Code

View Code

I built drupal-cms-2-review-canvas as a focused review scaffold for Drupal CMS 2 work. It’s a small, purpose-built space to capture what matters in a CMS review: structure, decisions, and the evidence behind them. If you’re reviewing builds, migration plans, or release readiness, a consistent canvas makes the process repeatable and easier to compare over time.

It’s useful because it keeps reviews lightweight without being vague. A single place for scope, risks, test notes, and recommendations reduces context switching and avoids scattered notes across tickets or docs. The result is a clearer review trail and faster handoffs for teams that iterate quickly on Drupal-based sites.

One technical takeaway: even minimal artifacts benefit from a clear schema. A well-defined canvas nudges reviewers to record the same critical signals every time, which makes later analysis and automation possible. That consistency is the difference between “nice notes” and actionable review data.

View Code: View Code

drupal-cms-ai-recipes-review is a small, focused Drupal CMS review project that documents and validates a set of AI-oriented recipes for building common site features. I use it as a quick, repeatable way to check how recipe-based setups behave in real Drupal CMS installs without spinning up a large scaffold.

It’s useful because Drupal CMS recipes can drift as core, contrib, or tooling changes. A lightweight review repo makes it easy to spot breakage, confirm assumptions, and share what actually works right now, especially when AI-assisted workflows are involved.

Technical takeaway: recipe reviews are most valuable when they capture both the “happy path” and the sharp edges. Even a minimal repo can encode a reproducible checklist that saves time across multiple projects.

View Code

View Code

I built drupal-content-audit as a lightweight way to inspect and report on content in a Drupal site. It focuses on surfacing what content exists and how it’s distributed, giving a quick snapshot that’s easy to share with stakeholders. View Code

This is useful when you’re migrating sites, pruning stale content, or validating content models before a redesign. Instead of guessing, you get a concrete audit you can reference while planning content changes or setting editorial priorities.

One technical takeaway: keep the audit output narrowly scoped and deterministic. When the report structure is stable, it’s much easier to diff changes over time and wire it into CI checks or content QA workflows.

View Code

Drupal Aggregation Guard is a small Drupal module focused on protecting asset aggregation. It aims to keep CSS/JS aggregation reliable and safe under real-world deployments, where caches, build artifacts, and file permissions can drift. If you’ve ever had a site render fine locally but break after a deploy, this kind of guardrail is the missing layer.

The value is in predictable behavior: when aggregation goes sideways, you want the site to fail gracefully or self-correct rather than silently serve broken assets. The module is meant to tighten that gap, especially in automated pipelines where you can’t babysit cache rebuilds. View Code

Technical takeaway: treat aggregated assets as a stateful artifact, not a guaranteed side effect. That means verifying preconditions (writable directories, expected hashes, and cache integrity) and making failures visible early instead of letting them leak into production.

References​

• View Code

I built drupal-ai-gemini-content-generator as a Drupal module that wires Google Gemini into a content generation workflow. The goal is straightforward: generate draft text inside Drupal so editors can iterate faster without leaving the CMS. View Code

It is useful when teams want consistent, AI-assisted drafts that still live in Drupal’s content model, permissions, and review flow. The module name suggests it targets Gemini as the LLM provider, which makes it a practical fit for organizations already standardized on Google tooling or looking for a simple provider integration.

Technical takeaway: AI features in CMSs work best when they behave like first-class content operations. Hooking generation into Drupal’s form and entity flows keeps drafts traceable, reviewable, and replaceable without changing how editors already work.

References​

• View Code

drupal-ai-module-generator-deepseek-mcp is a Drupal-oriented generator that uses a DeepSeek-backed MCP workflow to scaffold module code. I built it to take the repetitive, error-prone parts of module setup—info files, boilerplate, and consistent structure—and make them fast and repeatable. It fits naturally into agent-driven workflows where you want consistent Drupal modules without losing time to manual setup.

It’s useful because it standardizes the starting point for modules and makes the first commit reliable. That means less time redoing file structures, fewer mistakes in module metadata, and a faster path from idea to a working, testable Drupal feature. If you’re iterating on multiple modules or experiments, the generator pays off almost immediately.

The key technical takeaway is that pairing MCP with a targeted generator creates a clear contract between intent and output. You define the module intent, and the generator enforces a predictable Drupal skeleton that downstream tools can build on. That makes subsequent automation—tests, linting, and CI checks—much easier to wire in.

References

View Code

drupal-ai-views-agent is a Drupal-focused agent that turns natural language into Views configuration, aiming to make data exploration and listing pages faster to build. It sits at the intersection of Drupal’s Views UI and AI-driven intent parsing, so you can describe what you want and let the agent assemble the View structure.

It’s useful because Views is powerful but often repetitive: filters, relationships, display modes, and fields add up quickly. By automating that scaffolding, the project can speed up prototyping, reduce manual clicks, and keep teams focused on validating data requirements instead of wrestling with UI details.

A technical takeaway: agent workflows are most effective when they output structured configuration that maps cleanly onto Drupal’s internal APIs. That makes it easier to validate, version, and refine the generated Views without losing the benefits of automation.

View Code​

View Code

drupal-blog-inside-drupal-cms-2-qa is a Drupal-focused QA project that exercises a blog experience inside Drupal CMS. It’s a small, targeted setup that lets me validate how blog content fits into the CMS’s structure, from content types to listing views, without dragging in a full site build. View Code

It’s useful because it narrows the feedback loop for QA: I can verify content modeling, editorial flow, and UI behavior in isolation, then carry what works into larger Drupal builds. That keeps regression testing tight and helps confirm that the CMS’s out‑of‑the‑box capabilities can support a clean blog workflow.

One takeaway: a focused QA repo like this is a reliable way to test core Drupal patterns before committing them to a production codebase. It’s faster to validate assumptions in a minimal environment than to unwind them later in a full project.

View Code

drupal-claude-agent-sdk-runtime looks like a Drupal-oriented runtime layer for running Claude-based agent workflows inside a Drupal site or module. It likely provides the glue code and conventions to host an agent SDK runtime in the Drupal ecosystem, so you can build Drupal features that call agent capabilities without reinventing the runtime plumbing.

That is useful when you want structured, repeatable agent behaviors inside Drupal: content automation, editorial assistance, or backend workflows that need deterministic integration points. A runtime package keeps the boundaries clear—Drupal provides the context and storage, the runtime provides the agent execution surface—so you can iterate on prompts and tools without re-architecting the integration.

Technical takeaway: treat the runtime as an integration contract. Keep Drupal-specific concerns (services, config, entities) on one side and agent execution (sessions, tool calls, output handling) on the other, and you get a clean seam for testing and future upgrades. For the code, View Code.

References

• View Code

The ai-leaders-micro-credential-pilot project is a small, focused codebase for running a pilot program around an AI leadership micro‑credential. I treat it as a lightweight scaffold for curriculum delivery, evaluation, and iteration—just enough structure to run a cohort, collect evidence, and refine the program without dragging in a heavy platform.

It’s useful because pilots need speed and clarity: you want to validate learning outcomes and operational flow before scaling. This repo keeps the surface area minimal so changes are easy to reason about, and it helps keep the pilot aligned with real-world delivery constraints rather than theoretical plans. If you’re exploring how to operationalize AI leadership training, it’s a clean starting point and a concrete reference. View Code

One technical takeaway: pilot programs benefit from a “thin core” architecture—capture the essentials (content, assessments, feedback loops) and make everything else optional. That discipline keeps iteration fast and avoids premature complexity, which is exactly what you want during a learning-first phase.

View Code

View Code

atlas-demo is a small project that demonstrates how to use Atlas for automated browsing and UI validation. It’s a compact, repeatable setup that focuses on showing how an agent can open pages, perform basic interactions, and capture results for review. View Code

This kind of demo is useful when you want a known-good baseline for UI automation or to prove out a workflow before embedding it into a larger system. It’s also a fast way to show teammates what “agent-driven browsing” looks like without requiring them to assemble tooling or configuration from scratch.

One technical takeaway: keeping the demo narrow and deterministic makes it far easier to debug failures. By minimizing optional steps and external dependencies, you can confirm whether issues are in the automation logic or in the target site’s behavior.

References

• View Code

Crawler Separation Fairness is a small project I built to reason about how different web crawlers should be separated and treated fairly when they hit shared infrastructure. The focus is on defining a clean boundary between crawler classes and making those boundaries observable and enforceable.

This is useful when you operate services that face mixed bot traffic and want to prevent one crawler from starving another, or from overwhelming shared queues and caches. A clear separation policy makes capacity planning and rate‑limiting decisions more defensible and easier to tune over time. View Code

Technical takeaway: model crawler fairness as a first‑class constraint (not a side effect) and make it measurable. Even simple, explicit partitions—paired with lightweight metrics—can turn an opaque traffic problem into something you can debug and iterate on safely.

View Code

• View Code

This project is a compact demo that showcases a Drupal 11 recipes collection. From the name and repo context, I treat it as a focused example of organizing and demonstrating Drupal “recipes” as a reusable collection for installs or site setup, rather than a full product.

It’s useful because it gives a concrete, minimal reference for how to structure and package a set of recipes as a cohesive collection. That kind of example makes it easier to replicate patterns across environments or teach teams how to standardize site build steps.

My main technical takeaway: isolating a narrowly scoped demo makes it easier to reason about collection structure and recipe composition without the noise of a full Drupal distribution. That clarity pays off when you want to reuse or automate the same setup in other projects.

View Code

• View Code

The Hook​

If you install "skills" from a public marketplace, you are installing trust, so I built a static scanner that scores a skill bundle before it touches my machine.

Why I Built It​

Two quotes were enough to justify a guardrail.

Daniel Lockyer: "malware found in the top downloaded skill on clawhub and so it begins."
Elon Musk: "Here we go."

That is the whole pattern: popularity becomes distribution, and distribution becomes the exploit.

The scary part is not a single bad skill. It is the workflow. Skills often ship as a mix of code plus setup instructions. If that skill can convince you to run one command, it can bootstrap anything after that.

So I wanted a quick, local, boring gate: point it at a skill bundle and get a risk report.

The Solution​

Skills Sentry is a static scanner. It does not "detect malware." It detects risky behavior and risky intent.

It looks for:

• Remote script execution patterns (curl or wget to sh, powershell iwr, etc)
• Obfuscation patterns (base64 decode, eval, long encoded blobs)
• Sensitive file targeting (.ssh, env files, wallet keywords, tokens)
• Suspicious install steps (chmod +x, hidden paths, cron, launch agents)
• Network endpoints declared in configs and code

Then it outputs:

• A risk score (0 to 100)
• Findings grouped by severity
• A JSON report you can stash in CI

The Code​

View Code

(Repo: skills-sentry — CLI, sample fixtures, and optional GitHub Action for PR scanning.)

CLI usage​

python skills_sentry.py scan ./some-skill-bundle --json out/report.json

python skills_sentry.py scan ./skill.zip --json out/report.json

python skills_sentry.py scan ./bundle --fail-on high --max-score 60

skills_sentry.py​

#!/usr/bin/env python3
from __future__ import annotations

import argparse
import json
import os
import re
import sys
import tempfile
import zipfile
from dataclasses import dataclass
from pathlib import Path
from typing import Iterable, List, Optional, Tuple


@dataclass
class Finding:
    severity: str  # low, medium, high
    rule_id: str
    message: str
    file: str
    line: Optional[int] = None
    excerpt: Optional[str] = None


RULES: List[Tuple[str, str, str, re.Pattern]] = [
    # rule_id, severity, message, regex
    (
        "REMOTE_SHELL_PIPE",
        "high",
        "Remote script piped to a shell is a classic supply-chain footgun.",
        re.compile(r"\b(curl|wget)\b.*\|\s*(sh|bash|zsh)\b", re.IGNORECASE),
    ),
    (
        "POWERSHELL_IWR_EXEC",
        "high",
        "PowerShell download-and-exec pattern detected.",
        re.compile(r"\b(iwr|Invoke-WebRequest)\b.*\|\s*(iex|Invoke-Expression)\b", re.IGNORECASE),
    ),
    (
        "BASE64_DECODE_EXEC",
        "high",
        "Base64 decode combined with execution often indicates obfuscation.",
        re.compile(r"(base64\s+-d|frombase64|atob)\b.*(sh|bash|powershell|python|node|eval)", re.IGNORECASE),
    ),
    (
        "EVAL_USAGE",
        "medium",
        "Eval usage is risky and commonly abused.",
        re.compile(r"\b(eval|Function)\s*\(", re.IGNORECASE),
    ),
    (
        "CHMOD_EXEC",
        "medium",
        "chmod +x during install is not always bad, but it increases risk.",
        re.compile(r"\bchmod\s+\+x\b", re.IGNORECASE),
    ),
    (
        "CRON_PERSISTENCE",
        "high",
        "Cron or scheduled task persistence hints at unwanted background behavior.",
        re.compile(r"\b(crontab|cron\.d|launchctl|LaunchAgents|schtasks)\b", re.IGNORECASE),
    ),
    (
        "SSH_KEY_TOUCH",
        "high",
        "Touching SSH keys or config is a red flag in a skill bundle.",
        re.compile(r"(\.ssh/|id_rsa|known_hosts|ssh_config)", re.IGNORECASE),
    ),
    (
        "ENV_SECRETS",
        "high",
        "Accessing env files or secrets is high risk in marketplace code.",
        re.compile(r"(\.env\b|dotenv|process\.env|os\.environ)", re.IGNORECASE),
    ),
    (
        "WALLET_KEYWORDS",
        "high",
        "Crypto wallet keywords detected. Treat as sensitive.",
        re.compile(r"\b(seed phrase|mnemonic|private key|wallet|metamask)\b", re.IGNORECASE),
    ),
    (
        "OBFUSCATED_BLOB",
        "medium",
        "Large encoded blobs often hide payloads.",
        re.compile(r"[A-Za-z0-9+/]{400,}={0,2}"),
    ),
]

TEXT_EXTS = {
    ".md", ".txt", ".json", ".yaml", ".yml", ".toml", ".ini",
    ".py", ".js", ".ts", ".tsx", ".sh", ".bash", ".zsh",
    ".ps1", ".bat", ".cmd", ".rb", ".go", ".java", ".php",
}

SKIP_DIRS = {".git", "node_modules", ".venv", "venv", "dist", "build", "__pycache__"}


def iter_files(root: Path) -> Iterable[Path]:
    for p in root.rglob("*"):
        if p.is_dir():
            continue
        if any(part in SKIP_DIRS for part in p.parts):
            continue
        yield p


def is_text_candidate(p: Path) -> bool:
    if p.suffix.lower() in TEXT_EXTS:
        return True
    try:
        return p.stat().st_size <= 512_000
    except OSError:
        return False


def read_lines(p: Path) -> List[str]:
    try:
        data = p.read_bytes()
    except OSError:
        return []
    if b"\x00" in data[:4096]:
        return []
    try:
        return data.decode("utf-8", errors="replace").splitlines()
    except Exception:
        return []


def scan_text_file(p: Path, root: Path) -> List[Finding]:
    rel = str(p.relative_to(root))
    lines = read_lines(p)
    findings: List[Finding] = []
    for idx, line in enumerate(lines, start=1):
        for rule_id, severity, message, pattern in RULES:
            if pattern.search(line):
                findings.append(
                    Finding(
                        severity=severity,
                        rule_id=rule_id,
                        message=message,
                        file=rel,
                        line=idx,
                        excerpt=line.strip()[:240],
                    )
                )
    return findings


def score(findings: List[Finding]) -> int:
    weights = {"low": 5, "medium": 15, "high": 30}
    raw = sum(weights.get(f.severity, 0) for f in findings)
    return min(100, raw)


def summarize(findings: List[Finding]) -> dict:
    by_sev = {"high": [], "medium": [], "low": []}
    for f in findings:
        by_sev.setdefault(f.severity, []).append(f)
    return {
        "counts": {k: len(v) for k, v in by_sev.items()},
        "findings": {
            k: [
                {"rule_id": x.rule_id, "message": x.message, "file": x.file, "line": x.line, "excerpt": x.excerpt}
                for x in v
            ]
            for k, v in by_sev.items()
        },
    }


def unpack_if_zip(path: Path) -> Path:
    if path.is_dir():
        return path
    if path.suffix.lower() != ".zip":
        raise ValueError("Input must be a folder or a .zip file.")
    tmp = Path(tempfile.mkdtemp(prefix="skills_sentry_"))
    with zipfile.ZipFile(path, "r") as z:
        z.extractall(tmp)
    return tmp


def scan_bundle(input_path: Path) -> Tuple[int, List[Finding], Path]:
    root = unpack_if_zip(input_path)
    findings: List[Finding] = []
    for f in iter_files(root):
        if not is_text_candidate(f):
            continue
        findings.extend(scan_text_file(f, root))
    return score(findings), findings, root


def fail_decision(findings: List[Finding], risk: int, fail_on: Optional[str], max_score: Optional[int]) -> bool:
    if max_score is not None and risk > max_score:
        return True
    if not fail_on:
        return False
    sev_rank = {"low": 1, "medium": 2, "high": 3}
    min_rank = sev_rank.get(fail_on.lower(), 3)
    for f in findings:
        if sev_rank.get(f.severity, 0) >= min_rank:
            return True
    return False


def main() -> int:
    ap = argparse.ArgumentParser(prog="skills_sentry", description="Static scanner for agent skill bundles.")
    sub = ap.add_subparsers(dest="cmd", required=True)
    scan = sub.add_parser("scan", help="Scan a folder or zip bundle and print a report.")
    scan.add_argument("path", help="Path to a skill folder or .zip bundle.")
    scan.add_argument("--json", dest="json_path", help="Write JSON report to this path.")
    scan.add_argument("--fail-on", choices=["low", "medium", "high"], help="Exit non-zero if findings at or above this severity exist.")
    scan.add_argument("--max-score", type=int, help="Exit non-zero if risk score exceeds this value (0-100).")
    args = ap.parse_args()
    input_path = Path(args.path).expanduser().resolve()
    try:
        risk, findings, root = scan_bundle(input_path)
    except Exception as e:
        print(f"ERROR: {e}", file=sys.stderr)
        return 2
    report = {"risk_score": risk, "root": str(root), **summarize(findings)}
    print(f"Risk score: {risk}/100")
    print(f"High: {report['counts']['high']}  Medium: {report['counts']['medium']}  Low: {report['counts']['low']}")
    if report["counts"]["high"] or report["counts"]["medium"]:
        print("\nTop findings:")
        shown = 0
        for sev in ["high", "medium", "low"]:
            for f in report["findings"][sev]:
                print(f"- [{sev.upper()}] {f['rule_id']} in {f['file']}:{f['line']}  {f['excerpt']}")
                shown += 1
                if shown >= 12:
                    break
            if shown >= 12:
                break
    if args.json_path:
        out = Path(args.json_path).expanduser().resolve()
        out.parent.mkdir(parents=True, exist_ok=True)
        out.write_text(json.dumps(report, indent=2), encoding="utf-8")
        print(f"\nWrote JSON report: {out}")
    should_fail = fail_decision(findings, risk, args.fail_on, args.max_score)
    return 1 if should_fail else 0


if __name__ == "__main__":
    raise SystemExit(main())

Example output​

Risk score: 75/100
High: 2  Medium: 1  Low: 0

Top findings:
- [HIGH] REMOTE_SHELL_PIPE in install.md:12  curl https://example.com/bootstrap.sh | bash
- [HIGH] ENV_SECRETS in src/agent.js:44  process.env.OPENAI_API_KEY
- [MEDIUM] CHMOD_EXEC in setup.sh:7  chmod +x ./bin/run

CI example​

name: Skill bundle scan
on:
  pull_request:
  push:
    branches: [main]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Run Skills Sentry
        run: |
          python skills_sentry.py scan . --fail-on high --max-score 60 --json out/report.json

# Run before you install or publish a skill bundle
python skills_sentry.py scan ./bundle --fail-on medium --max-score 40

What I Learned​

• "Top downloaded" is a threat signal, not a trust signal.
• Static scanning is worth it when the install path includes copy-paste commands.
• You need two gates: before install (static) and at runtime (permissioned, sandboxed).
• Heuristics work best as a policy tool: block the obvious, review the rest.
• If a skill needs secrets, it should declare them and fail closed without them. Silent fallbacks are where bad behavior hides.

References​

• malware found in the top downloaded skill on clawhub and so it begins (Daniel Lockyer)
• Here we go (Elon Musk)

The Hook Real AI adoption isn’t a tool swap—it’s a behavior shift, and the fastest wins come from shrinking the gap between “experiment” and “default workflow.”

Why I Built It I keep seeing teams try to “adopt AI” by picking a single model or product and calling it done. That’s not adoption; that’s procurement. The real problem is the messy middle: pilots that never scale, workflows that don’t stick, and uncertainty about which tasks are safe to automate. I wanted a clear, pragmatic map of what actually changes when a team moves from “AI as a demo” to “AI as a habit.”

The Solution Think of adoption as a pipeline: curiosity, narrow wins, repeatable workflows, then policy and tooling that make those workflows boring—in the best way.

What breaks:

• Over-indexing on demos. Flashy results don’t survive contact with real constraints—latency, privacy, or failure modes.
• Skipping the “repeatable” stage. If a workflow can’t be run by someone else on Tuesday at 2 p.m., it’s not a workflow.
• Ignoring risk gates. The jump from “try it” to “ship it” needs explicit checks.

The Code This topic is a process and culture play, not a single code artifact. For a concrete deliverable on agentic adoption and scaling lessons, see the Netomi agentic lessons playbook.

View Code

- One workflow with measurable time savings
- Clear handoff when the model is uncertain
- A fallback path that does not depend on AI
- A lightweight review step for high-risk outputs
- A feedback loop from users to improve prompts or tools

ai_risk_gate:
  low_risk:
    - internal_docs_drafts
    - boilerplate_code
  medium_risk:
    - customer_emails
    - data_transforms
  high_risk:
    - financial_outputs
    - legal_text
    - production_config_changes
  rule: "High risk requires human review before publish"

What I Learned

• “Adoption” fails when the team has no default path for uncertainty—always design the fallback first.
• Repeatable workflows beat one-off wins; the second run is where the truth shows up.
• Governance isn’t a blocker if it’s lightweight and explicit; it’s a trust accelerator.
• I’d avoid putting AI in any path that can’t degrade safely or be reviewed quickly.

References​

• Mitchell Hashimoto: My AI Adoption Journey

I can now treat a WordPress site like an MCP tool server—abilities become callable tools, which turns admin tasks into agent-friendly workflows.

Why I Built It I keep seeing teams wire ad‑hoc AI actions directly into plugins, and it’s brittle: no shared schema, no discoverability, and permissions are bolted on after the fact. WordPress’s Abilities API + the MCP Adapter give a structured path: define a capability once, let clients discover it, then let MCP-aware agents call it safely. That makes agent workflows reproducible instead of magical.

The Solution The MCP Adapter maps registered Abilities into MCP primitives (mostly tools) so AI clients can discover and execute them. The default adapter server exposes three discovery/exec tools and requires you to mark abilities as public for MCP access. For local dev, you can use STDIO transport via WP-CLI; for remote sites, a proxy can expose HTTP transport.

Here’s a minimal layout for an MCP server config (the adapter’s examples use mcpServers for Claude/Cursor, and servers for VS Code):

{
  "mcpServers": {
    "wordpress-mcp-server": {
      "command": "wp",
      "args": [
        "--path=/path/to/wordpress",
        "mcp-adapter",
        "serve",
        "--server=mcp-adapter-default-server",
        "--user=admin"
      ]
    }
  }
}

{
  "servers": {
    "wordpress-mcp-server": {
      "command": "wp",
      "args": [
        "--path=/path/to/wordpress",
        "mcp-adapter",
        "serve",
        "--server=mcp-adapter-default-server",
        "--user=admin"
      ]
    }
  }
}

Gotchas I’m watching:

• Abilities must be explicitly exposed for MCP access, otherwise they won’t show up via discovery.
• A “tool” is executable logic; if the ability is purely informational, you can map it as a resource instead to avoid accidental execution.
• STDIO is perfect for local experiments; HTTP needs stronger auth and operational guardrails.

The Code View Code

What I Learned

• Abilities give WordPress a stable, cross‑context contract that MCP can expose without custom glue. That’s a big step toward agent‑ready plugins.
• The adapter’s discovery/inspect/execute trio makes agents safer: they can introspect before acting instead of guessing.
• I’d keep production usage read‑only at first; mutate‑on‑call abilities need the same rigor as public REST routes.

References​

• From Abilities to AI Agents: Introducing the WordPress MCP Adapter
• WordPress Developer Blog