Skip to content

Integrate AI Security Module and Enhance WordPress Core with AI Providers#11355

Closed
cbuntingde wants to merge 18 commits intoWordPress:trunkfrom
cbuntingde:main
Closed

Integrate AI Security Module and Enhance WordPress Core with AI Providers#11355
cbuntingde wants to merge 18 commits intoWordPress:trunkfrom
cbuntingde:main

Conversation

@cbuntingde
Copy link
Copy Markdown

@cbuntingde cbuntingde commented Mar 26, 2026

Trac ticket:

Use of AI Tools

This Pull Request is for code review only. Please keep all other discussion in the Trac ticket. Do not merge this Pull Request. See GitHub Pull Requests for Code Review in the Core Handbook for more details.

cbuntingde added 14 commits March 25, 2026 21:16
@cbuntingde
Initial commit: AI Security Edition setup
50bd607 
- Save original README as README-ORIG.md
- Create new README with project warnings and status
- Add WordPress security knowledge base for AI integration research
- Set up upstream remote to WordPress/wordpress-develop
@cbuntingde
Research complete: Add implementation plan
021db6e 
- Discovered WordPress 7.0 already has AI Client and Abilities API
- Created comprehensive implementation plan (docs/implementation-plan.md)
- 6-phase approach: Foundation → Scanner → Detection → Firewall → Audit → Agent
- Updated README with findings and plan
@cbuntingde
Add AI Connector Pro providers to WordPress core
5bddd80 
NEW: AI providers integrated directly into WordPress core:
- DeepSeek Provider (DeepSeek_Provider)
- OpenRouter Provider (OpenRouter_Provider)
- Ollama Provider (Ollama_Provider) - local models
- xAI Provider (XAI_Provider) - Grok
- Mistral Provider (Mistral_Provider)

Added files:
- wp-includes/ai-connector-pro.php - Provider registration
- wp-includes/php-ai-client/src/Providers/AiConnectorPro/ - Provider classes
  - class-abstract-connector-provider.php
  - class-deepseek-provider.php
  - class-openrouter-provider.php
  - class-ollama-provider.php
  - class-xai-provider.php
  - class-mistral-provider.php

Modified:
- src/wp-settings.php - Load ai-connector-pro.php
- README.md - Updated with core integration status
- docs/ai-connector-pro-spec.md - Plugin spec
- docs/team.md - Team documentation

⚠️ WARNING: This fork is work-in-progress, not for production use.
@cbuntingde
Clean up README: Professional formatting with tables
cdfbdc2
@cbuntingde
Update: Add all 8 providers to README (5 built-in, 3 require plugins)
aa83378
@cbuntingde
Add AI Security module - Phase 1 foundation
643ab46 
NEW: AI Security module with 6 components:
- ai-security.php - Main entry point, admin menus
- class-wp-ai-security-client.php - AI wrapper for security
- class-wp-security-analyzer.php - Plugin/theme vulnerability scanning
- class-wp-threat-detector.php - Real-time threat detection
- class-wp-firewall.php - IP blocking and firewall rules
- class-wp-audit-logger.php - Security event logging
- abilities/register-abilities.php - AI-callable security functions

Admin pages added:
- AI Security Dashboard
- Plugin/Theme Scanner
- Firewall Rules
- Audit Log

Also added:
- docs/project-management.md - Project tracking
- docs/code-quality-todo.md - Code quality checklist

⚠️ WARNING: This fork is work-in-progress, not for production use.
@cbuntingde
Implement Phase 3: Real-Time Threat Detection (complete)
9bdb944 
Enhanced Threat_Detector:
- 8 attack patterns (SQLi, XSS, Command Injection, Path Traversal, etc.)
- AI-powered request analysis for suspicious requests
- Auto-blocking for critical/high severity threats
- Email notifications for admins
- Webhook notifications for external integration
- Rate limiting (configurable)
- Brute force login protection
- Configurable settings via Settings page

Admin pages:
- Settings page with all configuration options
- Rate limit, threshold, notifications, webhook

Updated implementation-plan.md with Phase 3 complete.

⚠️ WARNING: This fork is work-in-progress, not for production use.
@cbuntingde
Mark Phases 1-3 as complete in implementation plan
c2b1227
@cbuntingde
Complete Phases 4-6: Firewall, Audit & Compliance, and AI Agent Integ…
186537a 
…ration

- Phase 4: Added rate limiting, IP blocking, country blocking (GeoIP), firewall rules engine
- Phase 5: Enhanced audit logger with stats, filters, search, pagination, PDF/CSV export, HTML reports
- Phase 6: Added 6 new AI abilities (unblock-ip, firewall rules, audit summary, reports, autonomous response)
- Added weekly security report email via WP cron
@cbuntingde
Add code quality tools and update docs
7034326 
- Add PHPStan with WordPress extension (level 5, ai-client path)
- Add PHP CS Fixer with PSR12 rules
- Remove docs/implementation-plan.md and docs/knowledge-base.md (local only)
- Update .gitignore for code quality cache files
- Update README.md with professional documentation
- Add szepeviktor/phpstan-wordpress dependency
@cbuntingde
Merge remote-tracking branch 'upstream/trunk' into trunk
665e86d
@cbuntingde
Add sync workflow documentation and robust sync check script
3d661cf 
- scripts/sync-check.sh: checks for uncommitted changes, shows upstream commits, lists files to be updated
- docs/SYNC-WORKFLOW.md: complete workflow documentation with safety rules
@cbuntingde
Add GitHub Actions workflows
668c5da 
- php-code-quality.yml: PHPStan + PHP CS Fixer on push/PR
- upstream-sync.yml: Check upstream sync every 3 hours
- security.yml: Dependency audit + PHP lint
@cbuntingde
Update workflow and add branch strategy
54edde9 
- Add main branch (protected, for production)
- Update workflow to include main in triggers
- Add docs/BRANCH-STRATEGY.md explaining workflow
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Mar 26, 2026

The following accounts have interacted with this PR and/or linked issues. I will continue to update these lists as activity occurs. You can also manually ask me to refresh this list by adding the props-bot label.

Unlinked Accounts

The following contributors have not linked their GitHub and WordPress.org accounts: @cbuntingde.

Contributors, please read how to link your accounts to ensure your work is properly credited in WordPress releases.

To understand the WordPress project's expectations around crediting contributors, please review the Contributor Attribution page in the Core Handbook.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Mar 26, 2026

Test using WordPress Playground

The changes in this pull request can previewed and tested using a WordPress Playground instance.

WordPress Playground is an experimental project that creates a full WordPress instance entirely within the browser.

Some things to be aware of

  • All changes will be lost when closing a tab with a Playground instance.
  • All changes will be lost when refreshing the page.
  • A fresh instance is created each time the link below is clicked.
  • Every time this pull request is updated, a new ZIP file containing all changes is created. If changes are not reflected in the Playground instance,
    it's possible that the most recent build failed, or has not completed. Check the list of workflow runs to be sure.

For more details about these limitations and more, check out the Limitations page in the WordPress Playground documentation.

Test this pull request with WordPress Playground.

@cbuntingde
Add disclaimer: not affiliated with official WordPress
a3d0f7e
@cbuntingde
Add trunk → main promotion workflow to branch strategy
34410f2
@cbuntingde
Add promote-to-production workflow for trunk→main PRs
33a5a14 
- Runs PHPStan and PHP CS Fixer validation
- Checks for security-related changes
- Auto-labels PRs with 'promote-to-production' and 'security'
- Creates promotion summary
@cbuntingde
Replace PR template - our fork doesn't use WordPress Trac
b3a3b54
@cbuntingde cbuntingde closed this Mar 26, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@cbuntingde