Products
Solutions
Pricing
Compare
Resources
Developers
Support
Registry WordPress-native MCP gateway

Tool Registry for WordPress.

The registry keeps LemonX MCP thin. Feature plugins register tool definitions with descriptions, input schemas, capabilities, callbacks, write flags and Pro feature keys. Let LemonX plugins contribute tools through the lemonx_mcp_tools filter without mixing business logic into the gateway.

v0.2.12plugin version shown in the admin header and docs pages
15mstaging TTL for pending write previews
1single endpoint for Claude, Codex and MCP clients
MCP Registry ClientTokenToolsAuditWordPressLemonX Suite
Rendered for real WordPress use
Developers building LemonX-compatible tools or extending the MCP surface safely.
Version OK
WordPress scenario

Built for real MCP sessions inside production WordPress.

LemonX MCP is intentionally a thin gateway. It owns protocol transport, bearer-token authentication, tool discovery, resources, staged writes and audit records. Page editing, SEO research and translation actions stay inside the plugins that know those domains.

For this page, the practical goal is simple: Let LemonX plugins contribute tools through the lemonx_mcp_tools filter without mixing business logic into the gateway. The operator should be able to understand the value, the safety boundary and the exact WordPress workflow before connecting an AI client.

  • Keep the gateway enabled only when a tokened client should connect.
  • Bind each token to a WordPress user with the least useful permission set.
  • Ask the agent to read site identity before doing site-specific work.
  • Use staged previews for write actions and audit logs for accountability.
Tool Registry Token-bound user · capabilities · audit context
Scenario: an AI client talks to WordPress through LemonX MCP instead of unsupported raw REST calls.
How it works

The gateway keeps the AI surface predictable and reviewable.

Every MCP session starts with a client, a token, an endpoint and a clear operating manual. LemonX MCP then routes calls through the registry, permissions, feature gates and staging layer.

POST /wp-json/lemonx-mcp/v1/mcp
01
Feature plugin registers a tool with lemonx_mcp_Feature plugin registers a tool with lemonx_mcp_tools
02
Tool declares schema, capability and write behavTool declares schema, capability and write behavior
03
Gateway protects reserved names and surfaces warGateway protects reserved names and surfaces warnings
04
Client lists the public catalogueClient lists the public catalogue
05
Tool call is routed to the owning pluginTool call is routed to the owning plugin
06
Stats record source plugin and feature key conteStats record source plugin and feature key context
Key features

What this page covers in the MCP product system.

These capabilities map to the real LemonX MCP plugin architecture and admin experience, not a generic AI automation promise.

lemonx_mcp_tools filter

lemonx_mcp_tools filter is presented as a concrete LemonX MCP capability for developers building lemonx-compatible tools or extending the mcp surface safely.

Capability checks

Capability checks is presented as a concrete LemonX MCP capability for developers building lemonx-compatible tools or extending the mcp surface safely.

Callback ownership by source plugin

Callback ownership by source plugin is presented as a concrete LemonX MCP capability for developers building lemonx-compatible tools or extending the mcp surface safely.

Reserved name diagnostics

Reserved name diagnostics is presented as a concrete LemonX MCP capability for developers building lemonx-compatible tools or extending the mcp surface safely.

Plugin data model

Important internal concepts surfaced as product value.

LemonX MCP stores settings, tokens, stats, audit entries and staged payloads in WordPress options and transients. The website page should explain these concepts because they define trust.

lemonx_mcp_settings
ConceptWhat it controlsWhy users care
Gateway settingsenabled, rate_limit, trust_proxy_headers, cors and disabled_toolsAdmins can turn the surface on, limit clients and hide tools without editing code.
Tokenslabel, hash, user_id, preview, created and last_usedEach MCP client can have its own revocable identity bound to a WordPress user.
Staged payloadstool, payload, preview, user_id and created timeWrite changes wait for confirmation and expire after 15 minutes.
Audit entriestool, write flag, result, source plugin, feature key, site, token and targetTeams can trace what an agent did, where it came from and which site it touched.
Tool Registry Token-bound user · capabilities · audit context
Security language is crawlable text, not hidden inside an image, so both users and AI answer engines can understand the permission model.
Security and AEO readiness

Explain trust clearly for Google, users and AI answer engines.

This page is built with a clear H1, descriptive sections, direct answers, canonical metadata, SoftwareApplication schema, FAQPage schema and BreadcrumbList schema. That helps Google understand the page and gives AI answer engines concise source material to cite.

For MCP, trust language is especially important. The copy should repeatedly clarify that the gateway does not bypass WordPress permissions, write tools are staged, and actions are auditable.

  • Use direct definitions near the top of every page.
  • Keep security claims specific: token binding, capabilities, rate limits, CORS and staging.
  • Use FAQ structured data for answer-engine-friendly summaries.
  • Link related MCP pages so crawlers understand the feature cluster.
Recommended workflow

How teams should use Tool Registry in practice.

Start from the admin screen, verify site identity, expose only the tools that are needed, and use the preview workflow for anything that could change content. This is the difference between an unsafe browser agent and a controlled WordPress MCP gateway.

  • Generate a separate token for each client and site.
  • Ask the agent to call initialize and read the returned operating manual.
  • Use resources/list or discovery tools before making assumptions about content.
  • Apply changes only after reviewing the staging preview and target site context.
Tool Registry Request Gateway Result JSON-RPC Auth + tool MCP response v0.2.12
Recommended workflow: discover, verify, preview, approve, apply and audit.
FAQ

Common questions about Tool Registry.

What is Tool Registry?
Tool Registry is part of LemonX MCP 0.2.12. It helps WordPress teams let lemonx plugins contribute tools through the lemonx_mcp_tools filter without mixing business logic into the gateway.
Does LemonX MCP bypass WordPress permissions?
No. Tokens are bound to WordPress users, requests run as the bound user, and tools still rely on WordPress capabilities plus LemonX Pro feature gates for write-capable actions.
Can write tools change the site immediately?
Write-capable tools use the preview to apply workflow. The first call stages a preview and opaque payload; only apply_change commits the staged change after review.
Which MCP clients can use this?
The gateway is designed for Claude Code, Codex, Claude Desktop through the stdio bridge, and other HTTP or Streamable HTTP MCP clients that can send JSON-RPC requests with bearer authentication.
Is this page useful for SEO and AI search indexing?
Yes. The page uses a clear H1, descriptive sections, crawlable text, canonical metadata, SoftwareApplication schema, FAQPage schema, BreadcrumbList schema and direct answers for AI answer engines.

Connect AI clients to WordPress with a gateway you can audit.

LemonX MCP gives Claude, Codex and other MCP clients one controlled endpoint for WordPress work: token-bound users, tool discovery, resources, staged writes, Pro gates and activity records.

WhatsApp+44 7724 592551