wp-navigator-mcp
Verified Safeby littlebearapps
Overview
AI-powered WordPress management, enabling natural language control over posts, pages, media, plugins, themes, and Gutenberg blocks via an MCP-compatible client.
Installation
npx @littlebearapps/wp-navigator-mcp "./wpnav.config.json"Environment Variables
- WP_BASE_URL
- WP_REST_API
- WPNAV_BASE
- WPNAV_INTROSPECT
- WP_APP_USER
- WP_APP_PASS
- WPNAV_SITE_URL
- WPNAV_USERNAME
- WPNAV_APP_PASSWORD
- WPNAV_ENABLE_WRITES
- ALLOW_INSECURE_HTTP
- WPNAV_TOOL_TIMEOUT_MS
- WPNAV_MAX_RESPONSE_KB
- WPNAV_SIGN_HEADERS
- WPNAV_HMAC_SECRET
- WPNAV_CA_BUNDLE
- WPNAV_ENV
- WPNAV_ENVIRONMENT
- WPNAV_FLAG_WORKFLOWS_ENABLED
- WPNAV_FLAG_WP_BULK_VALIDATOR_ENABLED
- WPNAV_FLAG_WP_SEO_AUDIT_ENABLED
- WPNAV_FLAG_WP_CONTENT_REVIEWER_ENABLED
- WPNAV_FLAG_WP_MIGRATION_PLANNER_ENABLED
- WPNAV_FLAG_WP_PERFORMANCE_ANALYZER_ENABLED
- WPNAV_ROLE
Security Notes
The server demonstrates strong security awareness: write operations are 'safe by default' (disabled until explicitly enabled via WPNAV_ENABLE_WRITES=1). Content modifications utilize a plan/diff/apply workflow. Destructive batch operations and content creation require explicit confirmation ('confirm_destructive: true', 'force: true'). The wpnav_set_option tool strictly limits modifications to plugin-specific options to prevent accidental changes to core WordPress settings. It supports HMAC request signing for integrity. WordPress application passwords (or Keychain references) are used for authentication, with HTTPS enforcement for non-localhost connections. Dynamic toolsets reduce the attack surface and token exposure by only presenting meta-tools by default.
Similar Servers
mcp-server
This plugin implements a Model Context Protocol (MCP) server for WordPress, exposing WordPress's data and functionality through its REST API to AI clients.
mcp-for-woocommerce
Connects WordPress and WooCommerce to AI systems via Model Context Protocol, enabling AI agents to query and manage e-commerce data (products, orders, categories, shipping, payments, taxes) and content (posts, pages).
mcp-ai-wpoos
Provides a stable API and server framework for integrating AI models and tools into WordPress, enabling advanced AI assistant capabilities and workflow automation.
wp-mcp-server-demo
A WordPress plugin acting as a configuration layer to create a custom Model Context Protocol (MCP) server, exposing pre-defined abilities from the WP Abilities API Demo plugin for AI integration.