Airano MCP Bridge
| 开发者 | airano |
|---|---|
| 更新时间 | 2026年5月11日 01:20 |
| PHP版本: | 7.4 及以上 |
| WordPress版本: | 6.9 |
| 版权: | GPLv2 or later |
| 版权网址: | 版权信息 |
详情介绍:
Airano MCP Bridge is the official companion plugin for MCP Hub (source) — the AI-native management hub for WordPress, WooCommerce, and self-hosted services. It extends the WordPress REST API with dedicated routes that AI agents (Claude, ChatGPT, Cursor, VS Code Copilot) and the MCP Hub server rely on:
- SEO meta routes — read and write Rank Math SEO and Yoast SEO metadata for posts, pages, and WooCommerce products.
- Media upload helper routes — accept raw-binary uploads via
php://input, which bypasses theupload_max_filesizePHP limit (still bounded bypost_max_size). Unlocks reliable hero-image and large-asset uploads for AI-agent workflows. - Capability probe — reports the effective PHP + WordPress upload limits so MCP Hub can pick the right upload path automatically.
- Rank Math SEO Support — Full access to all Rank Math meta fields
- Yoast SEO Support — Full access to all Yoast SEO meta fields
- WooCommerce Compatible — Works with product post types
- MCP Hub media pipeline — bypasses
upload_max_filesizefor AI-agent uploads - Secure — Requires WordPress Application Password + capability checks on every route
- Auto-Detection — Automatically detects active SEO plugin and advertises capabilities
- Zero Configuration — Works out of the box after activation
airano-mcp-bridge/v1)
GET/POST /wp-json/airano-mcp-bridge/v1/posts/{id}/seo— Post SEO dataGET/POST /wp-json/airano-mcp-bridge/v1/pages/{id}/seo— Page SEO dataGET/POST /wp-json/airano-mcp-bridge/v1/products/{id}/seo— Product SEO data (WooCommerce)GET /wp-json/airano-mcp-bridge/v1/status— Plugin status + active SEO plugins
airano-mcp/v1, added in 2.0.0)
GET /wp-json/airano-mcp/v1/upload-limits— Effective PHP + WP upload limitsPOST /wp-json/airano-mcp/v1/upload-chunk— Raw-body media upload (bypassesupload_max_filesize)GET /wp-json/airano-mcp/v1/capabilities— Effective capabilities + feature flags + available routes (added in 2.1.0)POST /wp-json/airano-mcp/v1/bulk-meta— Batch post/product meta writes in a single HTTP round-trip (added in 2.2.0)GET /wp-json/airano-mcp/v1/export— Structured JSON export: posts, pages, products + media + terms + meta, with post_type/status/since/limit/offset paging (added in 2.3.0)POST /wp-json/airano-mcp/v1/cache-purge— Auto-detects active cache plugins (LiteSpeed, WP Rocket, W3TC, Super Cache, Fastest Cache, SG Optimizer) and invokes their purge API; always flushes object cache (added in 2.4.0)POST /wp-json/airano-mcp/v1/transient-flush— Native transient cleanup with scope=expired/all/pattern (glob); optional site-transient handling on multisite (added in 2.5.0)GET /wp-json/airano-mcp/v1/site-health— Unified site-health snapshot: PHP/MySQL/WP versions, extensions, disk free, active plugins + theme, writability checks (added in 2.6.0)GET|POST|DELETE /wp-json/airano-mcp/v1/audit-hook— Configure + query a webhook that forwards WordPress action events to MCP Hub (HMAC-SHA256 signed, non-blocking) (added in 2.7.0)POST /wp-json/airano-mcp/v1/regenerate-thumbnails— Regenerate attachment sub-sizes viawp_generate_attachment_metadatafor a list of IDs or in paged batch mode (added in 2.8.0)POST /wp-json/airano-mcp/v1/upload-and-attach— Raw-body upload + metadata + attach-to-post + set-featured in a single REST call (added in 2.9.0). Query params:attach_to_post,set_featured,title,alt_text,caption,description. Permission:upload_files+edit_poston the target post.
安装:
- Upload the
airano-mcp-bridgefolder to/wp-content/plugins/ - Activate the plugin through the 'Plugins' menu in WordPress
- For SEO meta routes: ensure either Rank Math SEO or Yoast SEO is active
- The REST API endpoints are now available
常见问题:
Which SEO plugins are supported?
Rank Math SEO and Yoast SEO. The plugin auto-detects which one is active.
Does it work with WooCommerce?
Yes. Product SEO endpoints are available when WooCommerce is active.
How is authentication handled?
All endpoints require WordPress Application Password authentication. SEO routes require edit_posts. Upload helper routes require upload_files or manage_options.
Do I need MCP Hub to use the upload helper routes?
No. The /airano-mcp/v1/upload-chunk route is a standard authenticated REST endpoint and can be used from any client that can send a raw-binary POST with Content-Disposition and Content-Type headers.
Is there a size cap on the upload helper?
The helper reads the request body via php://input, which is not subject to PHP's upload_max_filesize limit — but it is still bounded by post_max_size and memory_limit. For files larger than post_max_size, MCP Hub falls back to its own server-side chunked session pipeline.
Why keep the folder name "airano-mcp-bridge" even though the plugin now does more than SEO?
Plugin slugs on wordpress.org are permanent. Existing installs keep working; the display name and feature set are updated in 2.0.0.
Can I use this without MCP Hub?
Yes. All REST API endpoints work with any application that can make authenticated HTTP requests.
更新日志:
2.10.3
- WordPress.org review fix: rename main class from the generic
SEO_API_BridgetoAirano_MCP_Bridgeper the wp.org "unique prefixes" guideline. The class is only instantiated from this file's bootstrap line and is never referenced by callers (the plugin's public surface is its REST routes, not its PHP class), so this is an internal refactor with no behaviour change.
- WordPress.org review fixes:
- Drop the unused
wp-admin/includes/media.phpincludes from/upload-chunkand/upload-and-attach. The code only uses helpers fromfile.php(wp_tempnam,wp_handle_sideload) andimage.php(wp_generate_attachment_metadata) —media.phpwas a needless direct core include. - Split
/upload-and-attachpermission_callback into its own method (require_upload_and_attach_capability) that explicitly enforcescurrent_user_can('edit_post', $attach_to_post)at the route gate whenattach_to_postis supplied (no longer hidden inside the callback body), and rejectsset_featuredrequests that don't include a target post. - No behaviour changes for clients sending well-formed requests.
- Fix:
capabilitiesandsite-healthroutes now share a single source of truth for theroutesbitmap (previously duplicated with conflicting values foraudit_hookand missingupload_and_attach). Both endpoints now read from the shared route-map constant.
POST /wp-json/airano-mcp/v1/upload-and-attachnow honours anIdempotency-Keyrequest header. A retry within 24 hours with the same key returns the already-created attachment (_idempotent_replay: true) rather than creating a duplicate-2.webporphan. Protects against client-timeout regressions where a successful upload was retried because the response was lost.
- Added
POST /wp-json/airano-mcp/v1/upload-and-attach— same raw-body semantics as/upload-chunk, but accepts query params (attach_to_post,set_featured,title,alt_text,caption,description) and applies them in one PHP round-trip. Saves 2-3 REST calls per upload. Per-target permission enforced viacurrent_user_can('edit_post', attach_to_post). status+capabilitiesroutes now advertiseupload_and_attach: truealongside the existing capability flags.
- Added
POST /wp-json/airano-mcp/v1/regenerate-thumbnails— rebuild attachment sub-sizes viawp_generate_attachment_metadata()after an upload or format conversion changes source pixels. Supports two modes:{ "ids": [...] }for targeted regeneration (up to 50 per call) and{ "all": true, "offset": N, "limit": M }for paged batches (max 50 per page, withhas_more+next_offsetfor pagination). Non-image attachments are skipped; per-item permission check viacurrent_user_can('edit_post', $attachment_id). Permission:upload_filesormanage_options.
- Added
GET|POST|DELETE /wp-json/airano-mcp/v1/audit-hook— configure a webhook that forwards WordPress action events (post transitions, deletions, user events, plugin activations, theme switches) to MCP Hub for unified auditing. Each event is signed with HMAC-SHA256 using a shared secret and posted non-blocking viawp_remote_postso the admin UI stays snappy. Secret is stored inwp_optionsand never echoed back in GET responses (only the last 4 characters are returned). Permission:manage_options.
- Added
GET /wp-json/airano-mcp/v1/site-health— single-envelope health snapshot: WordPress version/multisite/locale, PHP version + critical extensions, server software + disk free, MySQL/MariaDB version + charset, active plugins list (with versions), active + parent theme, writability checks (wp-content, uploads) and SSL status. Replaces 5+ separate REST calls with a single request. Permission:manage_options.
- Added
POST /wp-json/airano-mcp/v1/transient-flush— native PHP transient cleanup. Scopes:expired(default, callsdelete_expired_transients()),all(delete every_transient_%row), orpattern(glob match, e.g.rank_math_*). Optionalinclude_site_transientsfor multisite. Response includesdeleted_count+ cappeddeleted_samplefor observability. Permission:manage_options.
- Added
POST /wp-json/airano-mcp/v1/cache-purge— auto-detects active page-cache plugins (LiteSpeed Cache, WP Rocket, W3 Total Cache, WP Super Cache, WP Fastest Cache, SiteGround Optimizer) and triggers their purge API. Always callswp_cache_flush()for object caches. Permission:manage_options. Removes the need for Docker-socket + WP-CLI to flush caches on managed hosts.
- Added
GET /wp-json/airano-mcp/v1/export— structured JSON export of posts, pages, and WooCommerce products (not WXR). Query params:post_type,status,since,limit(max 500),offset,include_media,include_terms,include_meta. Response includes posts + referenced media + taxonomy terms + post meta in a single envelope, plushas_more/next_offsetfor pagination. Permission:edit_posts.
- Added
POST /wp-json/airano-mcp/v1/bulk-meta— writes manypost_meta/product_metaentries in a single REST request. Capped at 500 items per call; each item is permission-checked viacurrent_user_can('edit_post', $post_id). Null meta values delete the key. Status endpoint now advertisescapabilities.bulk_meta = trueand the capabilities probe reportsroutes.bulk_meta = true.
- Added
GET /wp-json/airano-mcp/v1/capabilities— reports the effective capabilities of the calling application password, plus feature flags (Rank Math / Yoast / WooCommerce / multisite) and the list of companion routes this version actually ships. Consumed by MCP Hub's capability probe so per-user clients only see tools they're actually authorised to use. - Status endpoint now advertises
capabilities.capabilities = true.
- Rebrand: "Airano MCP SEO Meta Bridge" → "Airano MCP Bridge". The companion plugin is no longer SEO-only.
- Added
GET /wp-json/airano-mcp/v1/upload-limits— returns effective PHP + WP upload limits for MCP Hub probes. - Added
POST /wp-json/airano-mcp/v1/upload-chunk— raw-body upload route that bypassesupload_max_filesize. - Status endpoint now includes
capabilities: { seo_meta, upload_limits, upload_chunk }. - Plugin folder / slug unchanged:
airano-mcp-bridge(permanent on wordpress.org).
- Added REST API endpoints for posts, pages, and products (GET/POST operations)
- Added authentication requirement for all endpoints
- Fixed rank_math_title meta key registration
- Enhanced WooCommerce product support
- Improved MariaDB compatibility
- Added status endpoint for plugin detection
- Improved error handling
- Initial release with Rank Math and Yoast SEO support