rolepod-wplab
🌐 New here? See what AI can actually do on your WordPress site — plain-English breakdown of the 3 setup tiers.
rolepod-wplab gives Claude Code, Cursor, Codex CLI, and Gemini CLI a full WordPress operations toolkit — so the AI can actually wp-cli, edit page builders, audit security, migrate dev→staging, and (opt-in) run guarded execute-php against any WordPress site instead of guessing.
One MCP server, 89+ tools, 14 skills, 4 connection kinds (local path / REST + App Password / SSH / Docker). Default-safe — runs wp-cli + REST + scoped fs out of the box. Install the rolepod-wp WordPress plugin to unlock execute-php + runtime introspection + the one-click pair setup wizard.
Standalone vs Combined
Standalone: complete WordPress operations toolkit. 14 skills + 89+ MCP tools
cover the full lifecycle — connect, introspect, edit, verify, migrate. Use
directly via skill commands. No external dependencies.
Combined with rolepod parent (v2.7+): wplab phase-flavored skills narrow
to WP-specific tool roles, deferring workflow orchestration to parent. Same
14 skills, smarter division of labor. Detection is a single filesystem
marker (<git-root>/.rolepod/parent-active containing v1) written by the
parent's SessionStart hook — no install-time coupling, no env-var
propagation problems across Claude Code's subprocess boundaries.
Mode summary
| wplab skill | standalone role | with-rolepod role |
|---|
wp-diagnose | primary debug entry | evidence for parent's debug-issue |
wp-health-check | full smoke test | snapshot for parent's check-work |
wp-changes | change audit | summary for parent's review-code |
wp-full | tour + flow | tool loader (parent owns flow) |
wp-scaffold, wp-edit-* | edit + guide + verify | edit primitives for parent's implement-plan |
wp-migrate, wp-connect, wp-pair-setup, wp-introspect, wp-execute-php, wp-content | unchanged tools | unchanged tools |
Install combos
| Install | Unlocks |
|---|
| wplab alone | full WordPress dev toolkit |
| wplab + rolepod parent | + workflow discipline, evidence handoff, multi-phase gates |
| wplab + uiproof | + browser-verified WP changes, a11y on themes, visual diff on migrations |
| all three | full WP dev flow with verified evidence at every phase |
Evidence path convention:
- standalone:
.rolepod-wplab/artifacts/<ts>/
- with-parent:
.rolepod/evidence/<ts>-rolepod-wplab-<skill>/
Manifest schema (Extension Protocol v1): src/lib/rolepodEvidence.ts.
What it helps with
- Connect any WP install in one command.
connect_local, connect_rest, connect_ssh, connect_docker — same tool surface, four ways to reach a site. App Passwords stored in the OS keychain, never echoed.
- One-click pair via companion. Admin opens Tools → WPLab Setup → clicks "⚡ Generate setup prompt" → pastes the prompt into the AI → AI calls
rolepod_wp_pair { siteurl, pair_token } and is connected with full power tools. Token single-use, 60-min TTL.
- Edit page builders without leaving chat.
divi_{read,write}, oxygen_{read,write}, bricks_{read,write}, elementor_{read,write} — all backed up before overwrite.
- Bulk SEO + WPML + ACF + Woo writes.
yoast_write, rankmath_write, wpml_write (link translations, duplicate for translation), woo_write (bulk price updates), acf_write.
- Scaffold blocks, plugins, themes, patterns.
scaffold_block, scaffold_plugin, scaffold_theme, scaffold_pattern — register-block-type-ready files into existing themes/plugins.
- Audit + migrate across many sites.
audit_security, audit_many (consolidated report for N sites), migrate_dryrun + migrate_data (plugin version sync dev→staging), clone (full db + wp-content + URL rewrite).
- Diagnose + back up before risky ops.
diagnose (plugin conflicts / slow queries / large autoloads / php errors), backup_create + backup_restore, cache_tool, cron_tool, mail_test.
- Safe
execute-php (companion only). AST screen on Node side AND PHP side, production-block unconditional, append-only audit log.
The 14 skills
