npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@missionsquad/mcp-wordpress

v0.2.6

Published

A Model Context Protocol server for interacting with WordPress.

Downloads

141

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

missionsqmissionsq

Keywords

wordpressmcpserverclaudeaiinstawp

Readme

WordPress MCP Server

@missionsquad/mcp-wp is a stdio MCP server for interacting with WordPress through the WordPress REST API.

This package now supports two runtime modes:

  • MissionSquad hidden-secret mode: per-call hidden credentials injected by MissionSquad
  • local standalone mode: single-site env fallback

Runtime Contract

MissionSquad Hidden-Secret Mode

MissionSquad should register this server with hidden secretNames and inject them per tool call.

Recommended hidden keys:

  • siteUrl
  • username
  • password
  • sqlEndpoint (optional)

These values are intentionally not part of the public tool schema.

The server reads them from FastMCP context.extraArgs.

Local Standalone Mode

For local usage outside MissionSquad, configure a single site with:

WORDPRESS_API_URL=https://your-wordpress-site.com
WORDPRESS_USERNAME=wp_username
WORDPRESS_PASSWORD=wp_app_password
WORDPRESS_SQL_ENDPOINT=/mcp/v1/query

Only one fallback site is supported in env mode.

Legacy numbered WORDPRESS_N_* multi-site env configuration is no longer supported by this runtime.

Features

  • FastMCP stdio server
  • hidden per-call WordPress credentials for MissionSquad compatibility
  • single-site env fallback for local usage
  • unified content tools
  • unified taxonomy tools
  • media, users, comments, plugins, and plugin-repository tools
  • optional SQL query tool with custom endpoint
  • ACF/ACF Pro REST support for exposed field groups on content, taxonomy terms, and users

Tool Surface

Site

  • list_sites
  • get_site
  • test_site

These now describe the current request-scoped site only.

Content

  • list_content
  • get_content
  • create_content
  • update_content
  • delete_content
  • discover_content_types
  • find_content_by_url
  • get_content_by_slug

Content read tools support fields: ["acf"] and acf_format for focused ACF reads. Content create/update tools support a nested acf object for ACF/ACF Pro writes. create_content defaults content to an empty string, so ACF-driven posts can be created with title plus acf without inventing a classic editor body.

Taxonomies

  • discover_taxonomies
  • list_terms
  • get_term
  • create_term
  • update_term
  • delete_term
  • assign_terms_to_content
  • get_content_terms

Term read tools support fields: ["acf"] and acf_format for focused ACF reads. Term create/update tools support a nested acf object for ACF/ACF Pro writes.

ACF

  • get_acf_schema

Use get_acf_schema before writing unknown ACF fields. It checks the WordPress REST OPTIONS schema for content, taxonomy terms, or users and returns only fields exposed by ACF through REST. Use target plus resource, for example { "target": "content", "resource": "post" }, { "target": "content", "resource": "steals" }, { "target": "term", "resource": "category" }, or { "target": "user", "resource": "me" }. ACF writes must be sent under the nested acf object on the relevant create/update tool.

Local ACF schema smoke test:

npm run test:acf-schema
npm run test:acf-schema -- --target content --resource page
npm run test:acf-schema -- --target content --resource steals
npm run test:acf-schema -- --target term --resource category
npm run test:acf-schema -- --target user --resource me

The script loads local .env configuration, invokes the same get_acf_schema handler used by the MCP server, and prints the normalized tool response.

Local ACF content read smoke test:

npm run test:acf-content -- --content-type post --id 123
npm run test:acf-content -- --content-type page --id 456
npm run test:acf-content -- --content-type steals --per-page 10

This reads id,slug,title,acf with acf_format=standard through the same REST helpers used by the MCP content tools.

Media

  • list_media
  • create_media
  • edit_media
  • delete_media

Users

  • list_users
  • get_user
  • create_user
  • update_user
  • delete_user

Comments

  • list_comments
  • get_comment
  • create_comment
  • update_comment
  • delete_comment

Plugins

  • list_plugins
  • get_plugin
  • activate_plugin
  • deactivate_plugin
  • create_plugin

Plugin Repository

  • search_plugins
  • get_plugin_info

SQL

  • execute_sql_query

MissionSquad Registration Example

{
  "name": "mcp-wordpress",
  "transportType": "stdio",
  "command": "node",
  "args": ["/absolute/path/to/build/server.js"],
  "secretNames": ["siteUrl", "username", "password", "sqlEndpoint"],
  "enabled": true
}

Local Development

Install

npm install

Build

npm run build

Test

npm test

GitHub Actions

This package includes MissionSquad-standard GitHub workflows:

  • PR build/test on pull request opened and synchronize
  • npm publish on push to main

The publish workflow targets the @missionsquad npm scope and publishes with:

npm publish --access public

Run

npm start

Dev Mode

npm run dev

SQL Query Tool

execute_sql_query is intended for a custom read-only SQL endpoint on the target WordPress site.

Default endpoint:

/mcp/v1/query

Override order:

  1. hidden sqlEndpoint
  2. WORDPRESS_SQL_ENDPOINT
  3. default /mcp/v1/query

Only read-only queries are allowed.

Security

  • do not expose siteUrl, username, password, or sqlEndpoint in public tool schemas
  • do not log hidden runtime config
  • use HTTPS for WordPress sites
  • use WordPress application passwords instead of primary login credentials