Dev and staging only. Never run this in production.
AI Engine YOLO is a small companion plugin for AI Engine. When active, it adds a few extra tools to AI Engine's MCP server that let a connected AI agent do anything on the site: run arbitrary PHP, shell commands, WP-CLI, and SQL, and read, write, and delete files anywhere on the server.
Some people asked us to match what Novamira does: give an AI agent full, unrestricted control of WordPress through PHP execution and the filesystem.
We can build that. It is actually easy. The problem is that it is also genuinely unsafe: it turns your MCP endpoint into remote code execution, where anyone holding the token can run any code on the server.
So we made a decision. AI Engine itself stays safe. Its built-in MCP tools are curated and
capability-gated, with no arbitrary code execution, because AI Engine runs on more than 100,000
production sites and we will not put a live eval() on any of them by default. WordPress.org would not
accept this code either, and rightly so: running arbitrary PHP over a request is not allowed there.
Instead, the dangerous power lives here, in a separate plugin you have to deliberately install from GitHub, clearly labelled, that you add only where you want it. You get the capability if you truly want it, and everyone else stays protected.
Once active, it registers these MCP tools:
yolo_run_php: evaluate arbitrary PHP and return its output, return value, and any error.yolo_run_shell: run a shell command and return stdout, stderr, and the exit code (git, composer, npm, etc.).yolo_wp_cli: run a WP-CLI command against this install.yolo_sql: run a raw SQL query against the WordPress database.yolo_read_file: read any file by absolute path (up to 1 MB).yolo_write_file: create or overwrite any file by absolute path.yolo_delete_file: delete a file, or recursively delete a directory.yolo_list_directory: list any directory by absolute path.yolo_make_directory: create a directory (recursively).
They appear in AI Engine's MCP tool list automatically, alongside the core tools, for any connected
agent (Claude Code, Claude, ChatGPT, Cursor, and so on). yolo_run_php alone already grants full control;
the rest exist because a named tool is easier and more reliable for an agent to reach for.
Activating the plugin turns the tools on; deactivating it turns them off. The only thing standing between these tools and the world is your MCP token, since AI Engine only dispatches them for an admin-authorized caller. Guard that token like a root password.
- AI Engine (free or Pro) active, with its MCP server enabled.
proc_openavailable on the server foryolo_run_shell/yolo_wp_cli(the other tools work without it).
- Download this plugin and put it in
wp-content/plugins/ai-engine-yolo. - Activate it. Confirm the "AI Engine YOLO is ACTIVE" warning appears, then connect your agent to AI Engine's MCP server as usual.
If you are building or vibe-coding a website, you almost certainly do not need this plugin. The better way is:
- Run Claude Code, or whatever agent you like, against your project locally.
- Keep the code on your machine, in a versioned Git repository.
- Let the agent edit files and run things there, where you can review diffs, commit, roll back, and deploy on your terms.
Vibe-coding is fine. It just should be done safely, and the safe version is usually your agent's own "yolo" mode running locally on a repo you control, not an agent reaching into a live server over the network. That gives you the same speed with none of the "my whole site is one leaked token away from being wiped" risk.
Use AI Engine YOLO only when you specifically want an agent to operate a real WordPress instance on a throwaway dev or staging box.
GPLv3. Provided as-is, with no warranty. You are responsible for where and how you run it.