Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.maxicore.ai/llms.txt

Use this file to discover all available pages before exploring further.

Development abilities give your AI agent low-level access to WordPress internals — WP-CLI command execution, object cache management, transient cleanup, and permalink rewrite regeneration. All development abilities require the Pro plan and the manage_options capability (administrator role). WP-CLI write commands require additional opt-in constants in wp-config.php.

All development abilities

AbilityDescriptionCapabilityPlan
maxi/run-wp-cli[PRO] Execute a WP-CLI command. Read-only commands are always permitted. Write commands require opt-in constants in wp-config.php. Hard-banned commands are always rejected.manage_optionsPro
maxi/manage-db-query-blocklist[PRO] Add, remove, or list terms in the DB query output blocklist. Applies when DB_READS is enabled. Seeded with user_pass, user_activation_key, and session_tokens by default.manage_optionsPro
maxi/flush-cache[PRO] Flush the WordPress object cache.manage_optionsPro
maxi/clear-transients[PRO] Delete expired transients or a specific transient by name.manage_optionsPro
maxi/regenerate-rewrites[PRO] Flush and regenerate WordPress permalink rewrite rules.manage_optionsPro

maxi/run-wp-cli

Execute a WP-CLI command directly from your AI agent. Shell metacharacters (;, |, &, `, $) are rejected before execution — this ability accepts WP-CLI command text only, not shell commands.

Read-only commands (always permitted)

Read-only commands require no configuration. You can call them immediately. 
{ "command": "option get siteurl" }

{ "command": "post list --post_type=page --format=json" }

{ "command": "core version" }
Other read-only commands that are always available include user list, wc tool list, wc log read, and similar non-mutating commands.

Write commands (opt-in via wp-config.php)

Write commands are blocked by default. To enable a group, add the corresponding constant to your wp-config.php. Only enable the groups your agent legitimately needs.
1

Choose the groups you need

ConstantCommands enabled
MAXI_AI_WP_CLI_ALLOW_CACHE_WRITESCache, transient, cron, and rewrite flush commands
MAXI_AI_WP_CLI_ALLOW_CONTENT_WRITESPost, term, and menu write commands
MAXI_AI_WP_CLI_ALLOW_USER_WRITESUser creation and update commands
MAXI_AI_WP_CLI_ALLOW_OPTION_WRITESOption add, update, and delete commands
MAXI_AI_WP_CLI_ALLOW_DB_READSdb query (SELECT only) and db export for backups
2

Add constants to wp-config.php

Add only the constants for the groups you need. For example, to allow cache writes and SELECT-only database queries:
define( 'MAXI_AI_WP_CLI_ALLOW_CACHE_WRITES', true );
define( 'MAXI_AI_WP_CLI_ALLOW_DB_READS', true );
3

Verify on the configuration page

See the full configuration reference and the complete read-only command allowlist at WP-CLI configuration.
maxi/run-wp-cli is one of the most powerful abilities in Maxi AI Core. Enable only the write groups your agent needs, restrict the connected WordPress user to administrator capability, and review the audit log regularly. Hard-banned commands are always rejected regardless of which constants are defined.

maxi/manage-db-query-blocklist

When MAXI_AI_WP_CLI_ALLOW_DB_READS is enabled, db query SELECT commands pass through a two-layer blocklist check: once against the SQL text (pre-execution) and once against the query output (post-execution). If a blocked term appears in either, the command is rejected and the event is audit-logged. List the current blocklist terms: 
{ "action": "list" }
Add a term to the blocklist: 
{ "action": "add", "term": "credit_card" }
Remove a term from the blocklist: 
{ "action": "remove", "term": "nickname" }
The blocklist is seeded automatically with three defaults the first time DB_READS is enabled: user_pass, user_activation_key, and session_tokens. If you clear the blocklist manually, the defaults are not re-added — your choice is respected.
Both rejection types (db_query_blocklist_sql and db_query_blocklist_output) are recorded in the audit log. Query them with maxi/get-audit-events using { "category": "wp_cli" }.

maxi/flush-cache

Flush the WordPress object cache. Use this after bulk updates to ensure subsequent reads reflect the latest data rather than stale cached values. 
{}

maxi/clear-transients

Delete all expired transients from the database, or delete a specific transient by name. Delete all expired transients: 
{}
Delete a specific transient: 
{ "transient": "my_plugin_cache_key" }
If a plugin is returning stale data and you suspect a transient is holding an outdated value, pass the transient key directly to clear it without affecting other cached data.

maxi/regenerate-rewrites

Flush and regenerate WordPress permalink rewrite rules. Use this after registering new post types, changing permalink settings, or any plugin activation or deactivation that registers custom URL patterns. 
{}