Codevera AI Access Control
| 开发者 | codevera |
|---|---|
| 更新时间 | 2026年5月13日 21:15 |
| PHP版本: | 7.4 及以上 |
| WordPress版本: | 7.0 |
| 版权: | GPLv2 or later |
| 版权网址: | 版权信息 |
详情介绍:
- The plugin watches every call to
wp_register_ability()and records which plugin made the call. - The Settings -> Codevera AI Access screen groups those abilities by source plugin so you can see at a glance what is exposed.
- Untick a plugin or a single ability and save. From the next request onwards, the AI feature can no longer see or invoke it.
- Per-plugin and per-ability granular controls
- Automatic detection of newly installed plugins that register AI abilities, with an in-admin notification so you can review them
- Tamper-detect signature on the saved settings, with a fail-closed mode that blocks every non-core ability if the settings option is modified outside the plugin
- Filter-level enforcement that neutralises a blocked ability before WordPress constructs it, plus a registry sweep that removes blocked abilities from the listings
- Self-check that re-attaches the enforcement hooks on init, admin_init and rest_api_init if another plugin removes them
- Search and filter inside each plugin card so large registries stay readable
- No external requests, no telemetry, no licence checks
- Works on multisite (per-site settings)
- Translation ready
- Sites where editorial staff use the WordPress AI feature and you want strict control over what context the AI can pull in
- Agency sites where new plugins are installed regularly and you want to review their AI exposure before letting them in
- Privacy-sensitive sites that need an explicit allow list of which plugins may expose data to an AI provider
- Compliance-driven environments that need an auditable record of which plugins have been allowed to register AI abilities
- Uses only the official Abilities API surface:
wp_register_ability_args,wp_abilities_api_init,wp_unregister_ability - Source attribution from
debug_backtrace()of the file that calledwp_register_ability, normalised to a plugin slug - HMAC-SHA256 signature on the settings option, keyed to a
CVAIAC_SECRETconstant orAUTH_SALTfallback - No frontend assets shipped, all code runs in admin and on the AI Abilities REST routes
- No database tables, just two options in
wp_options
安装:
- Go to Plugins -> Add new
- Search for "Codevera AI Access Control"
- Click Install now and then Activate
- Go to Settings -> Codevera AI Access
- Review the list of plugins that have registered AI abilities
- Untick anything you do not want the AI feature to use
- Click Save changes
- Download the plugin zip file
- Upload to the
/wp-content/plugins/directory - Extract the files
- Activate through the Plugins menu in WordPress
- Configure as described above
wp-config.php to use a dedicated secret for the settings signature, rather than reusing AUTH_SALT:
define( 'CVAIAC_SECRET', 'some-long-random-string-that-only-you-know' );
This makes it harder for an attacker who only has database access to forge a valid settings blob.
After activation:
- Visit Settings -> Codevera AI Access to see which plugins have registered abilities
- Untick any plugin or ability you do not want to expose to the AI feature
- Save changes
- When a new plugin is installed and registers an ability, you will see a Newly detected items banner the next time you open the settings screen
常见问题:
Does this plugin make any external network requests?
No. It reads only local WordPress data and never contacts any third-party service. No telemetry, no analytics, no licence checks.
Does it store any personal data?
No. It stores only your allow and block selections and a short list of plugin and ability identifiers in the WordPress options table.
How does it actually block an ability?
Two layers. First, on the wp_register_ability_args filter at the highest priority, the plugin rewrites the execute_callback and permission_callback of any blocked ability to return a cvaiac_blocked WP_Error. This neutralises the ability before WordPress even constructs it. Second, on the wp_abilities_api_init action at the highest priority, the plugin walks the registry and calls wp_unregister_ability() on anything blocked, so it disappears from the listings entirely.
Can I block WordPress core abilities?
You can block individual core abilities, but the WordPress core group as a whole cannot be blocked. Blocking individual core abilities can prevent the AI feature from working correctly, so do it with care.
What is the tamper-detect mode?
The settings option is stored as a JSON payload with an HMAC-SHA256 signature, keyed to a CVAIAC_SECRET constant or AUTH_SALT. Each time the plugin reads the option, the signature is recomputed and checked. If it does not match, the plugin enters fail-closed mode and blocks every non-core ability until an administrator re-saves the settings through the UI. A red banner appears on the settings screen explaining what happened.
Why is fail-closed important?
A malicious or buggy plugin running on the same site can call update_option( 'cvaiac_settings', array() ) to wipe your block list. With tamper detect, that write produces an invalid signature, the plugin notices, and the AI feature loses access to every plugin's abilities until you investigate and re-save.
Can a hostile plugin still bypass this?
A determined plugin with code execution on the same site can in principle override the pre_option_cvaiac_settings filter, remove the enforcement hooks, or read CVAIAC_SECRET from wp-config.php to forge a valid signature. This plugin defends against opportunistic interference, not against a fully hostile plugin in the same PHP process. Treat it as a policy and tamper-detect tool, not a security boundary. The safest practice is still to only install plugins you trust.
Does it work on multisite?
Yes. Settings are stored per-site, so each sub-site can have its own allow and block list.
Does it work with the REST API run endpoint?
Yes. Blocked abilities are unregistered from the registry, so the WordPress core REST run endpoint cannot find or execute them.
What happens when I uninstall the plugin?
All of the plugin's options are deleted by uninstall.php. No data is left behind.
Can I translate this plugin?
Yes. The text domain is codevera-ai-access-control. PO files can be generated with WP-CLI or any standard translation tool.
How do I troubleshoot?
Enable WP_DEBUG and WP_DEBUG_LOG in wp-config.php. The plugin uses only standard WordPress APIs, so any issue will appear in the standard debug log.
更新日志:
- Collapsed each plugin card by default and added a chevron toggle, so the settings screen stays compact when many plugins register abilities.
- Added an allowed-count badge to every plugin card that shows how many of its abilities are currently allowed for AI, with a red badge when none are allowed and a green badge when all are allowed.
- Replaced the raw plugin folder slug in each card heading with the plugin's display name, and moved the folder slug to a smaller secondary line for reference.
- Added a Block all and Allow all toggle to the settings screen so administrators can clear or tick every plugin and ability in one click.
- Added an on-screen legend that explains a ticked box means the plugin or ability is allowed for AI, and an unticked box means it is blocked.
- Stopped a duplicate Settings saved notice from appearing after save by namespacing the success flag so it no longer collides with WordPress core.
- Stopped the cvaiac_settings and cvaiac_schema_version options from autoloading on every request. Both options are now read on demand only.
- Added an admin notice that warns when neither CVAIAC_SECRET nor AUTH_SALT is defined in wp-config.php, so site owners know the tamper-detect signature is using a public fallback key.
- Reduced source-tracker overhead by skipping the debug_backtrace call when an ability's source plugin is already known from a previous request.
- Removed the redundant Plugin URI header so it no longer matches the Author URI, which is a WordPress.org submission requirement.
- Auto-dismiss the Settings saved and Newly detected items acknowledged banners after 2 seconds, so the screen tidies itself up after a save. The red tamper-detect banner is unaffected and stays until you re-save.
- Added an HMAC-SHA256 signature on the settings option so direct database writes to
cvaiac_settingsare detected. A failed check puts the plugin into fail-closed mode and shows a red banner until an administrator re-saves the settings - Added a
CVAIAC_SECRETconstant for sites that want a dedicated signing key inwp-config.phprather than theAUTH_SALTfallback - Added filter-level enforcement on
wp_register_ability_argsso blocked abilities are neutralised before WordPress constructs them, closing a same-priority race where another plugin could re-register a blocked ability at PHP_INT_MAX - Added a self-check on init, admin_init and rest_api_init that re-attaches the enforcement hooks if another plugin removes them
- Fixed source attribution for abilities registered by WordPress core. The source tracker now reads the immediate caller of
wp_register_abilityrather than the first plugin-dir frame on the stack, so core abilities are correctly attributed to "core" even when a plugin's code triggers the lazy registry init
- Initial release
- Settings screen grouping registered abilities by source plugin
- Per-plugin and per-ability allow and block controls
- Source tracking using
wp_register_ability_argsfilter anddebug_backtrace() - Registry sweep on
wp_abilities_api_initto unregister blocked abilities - Newly detected items notification with an Acknowledge action
- Uninstall script that removes all plugin options