AI blog automation is moving from “nice idea” to day-to-day workflow, and WordPress is now part of that shift thanks to MCP (Model Context Protocol). Instead of manually hopping between analytics, drafts, comments, and settings in a dashboard, you can increasingly ask an AI assistant to fetch the exact site context you need, on demand and in plain English.
In October 2025, WordPress.com announced MCP support that lets assistants like Claude, ChatGPT, or Cursor query WordPress.com site data directly. WordPress.com framed it simply: “Now you can simply ask an AI assistant like Claude, ChatGPT, or Cursor…” and get answers grounded in your site’s real data, without the usual copy/paste and tab-switching.
1) MCP arrives on WordPress.com: what actually changed
WordPress.com’s MCP rollout means there is now a supported, standardized way for AI tools to access your WordPress.com site context. Rather than relying on brittle browser automation or custom integrations, MCP provides a client-server pattern where the assistant can call “tools” to retrieve relevant information.
The practical impact is workflow speed: you can ask for your latest posts, performance snapshots, or scheduled content and get structured results back. WordPress.com even highlighted natural prompts such as “Show me my latest posts and how they’re performing,” positioning MCP as a replacement for routine dashboard digging.
Just as importantly, this is WordPress.com productizing an “AI-to-apps glue” layer that has been accelerating across the industry. Axios described MCP as a fast-growing standard for connecting AI to apps, while also noting privacy and security concerns that come with AI having more direct access to user data and services.
2) From “chat about my site” to measurable blog automation
Most bloggers don’t need an AI that “writes everything.” They need an AI that can pull context: what was published today, which posts are scheduled, what comments landed overnight, and what’s trending. With MCP in place, those questions become direct tool calls instead of manual reporting work.
WordPress.com’s own prompt examples map neatly to real editorial operations. Examples include “List my scheduled posts across all sites,” “Retrieve my latest published post with its comments,” and “Show me posts I’ve published today across all sites.” These are automation building blocks: status checks, queues, and daily summaries that can feed planning.
That’s why MCP matters for “AI blog automation” even before full write/publish features are native. If the assistant can reliably read your pipeline (drafts, scheduled posts), your outcomes (stats), and your audience signals (comments), it can help you plan and iterate faster, while you keep final creative control.
3) The current limit: WordPress.com MCP is read-only (for now)
WordPress.com’s MCP access is intentionally constrained today. The support documentation (last reviewed 17 Nov 2025) states: “MCP access is currently read-only. AI assistants cannot create, edit, or delete content on your WordPress.com sites.” That means no direct publishing, no automated updates, and no AI-driven post edits through this official MCP channel yet.
This read-only posture still unlocks a lot: editorial reporting, content inventory, performance reviews, and cross-site visibility are common time sinks. Removing the “manual dashboard work” from those loops can significantly shorten the distance between insight and decision.
It also sets expectations for teams evaluating “automation.” On WordPress.com’s official MCP, automation today is primarily analytical and operational, helping you understand and manage your content system, rather than pushing changes into production content.
4) How to enable MCP on WordPress.com (and what tooling you’ll need)
Enabling MCP is presented as an account-level setting. WordPress.com’s support guide (reviewed 17 Nov 2025) describes navigating to wordpress.com/me/mcp, turning on MCP access, and using “Configure MCP client” to connect an AI assistant or developer tool such as Claude, Cursor, or VS Code.
On the developer side, WordPress.com documents that it includes a built-in MCP server and that MCP access is available on all paid plans (developer docs updated 05 Nov 2025). That plan requirement is an important operational detail for agencies or multi-site operators budgeting for AI-enabled workflows.
The connection method is also explicit: WordPress.com’s MCP setup uses a remote proxy package and requires Node.js version 22.0 or greater. The developer docs instruct running a proxy via npx @automattic/mcp-wpcom-remote@latest so your MCP client can communicate with the WordPress.com MCP server in a standardized way.
5) Permissions, OAuth, and “secure by design” access controls
Whenever AI touches real site data, the first question should be: who can see what? WordPress.com emphasizes that MCP access is “Secure by design,” and that users remain in control, able to connect and disconnect as needed rather than granting open-ended access permanently.
Under the hood, WordPress.com’s MCP implementation uses OAuth-based authentication. The developer documentation notes you can disconnect the integration through Security → Connected Apps, where it appears as “WordPress MCP Connector.” That makes access revocable without changing passwords or tearing down your entire account.
WordPress.com also documents role-based access control (RBAC) for MCP tools. In other words, what the assistant can query depends on your WordPress.com role and the tool group, e.g., admin-only access for areas like Plugins and Site Settings, while other tool groups like Site Statistics may be available to multiple roles. This tool-by-tool matrix matters for teams, because it helps keep analytics work shareable without overexposing administrative controls.
6) Beyond read-only: third-party “write/publish” automation via MCP
If your definition of AI blog automation includes drafting, formatting, and publishing, the official WordPress.com MCP channel isn’t there yet. But the ecosystem is already experimenting with MCP servers that connect AI assistants to WordPress write capabilities through other means.
One example is the open-source project Njengah/autowpmcp on GitHub, which describes an MCP server that connects Claude to WordPress sites and supports creating and publishing posts via the WordPress REST API. The project claims features like “Creates and publishes blog posts” and “Formats raw text into WordPress-compatible HTML,” and it uses WordPress “application passwords.”
This highlights a key point: MCP is the connection standard, not the permission model. Whether an assistant can publish depends on what your MCP server exposes. As you evaluate third-party automation, treat “publish access” as a high-risk capability that demands careful scoping, logging, and revocation plans.
7) The security reality: automation benefits, agentic risks
MCP’s promise is speed and interoperability, but more capable tooling increases the blast radius of mistakes and attacks. Axios flagged that as MCP adoption grows, privacy and security concerns rise alongside it, especially when AI can bridge multiple services quickly.
Academic research has also warned about coercion and tool misuse in MCP-driven agentic workflows. An arXiv paper (Apr 2025) reports that MCP workflows can be exploited in ways that lead to malicious code execution or credential theft, and it introduces an auditing tool called MCPSafetyScanner intended to identify risky configurations and behaviors.
The practical takeaway for WordPress automation is straightforward: keep least-privilege access, prefer read-only where possible, use role-based controls, and maintain a clean disconnect path. And if you adopt third-party publish automation, add guardrails like staging environments, human approval steps, and explicit content/change logs.
8) Why MCP matters for the future of WordPress workflows
MCP was reported as an open protocol released by Anthropic (open-sourced in late 2024) designed to standardize how LLMs connect to external tools and services. The bigger story is that MCP reduces integration friction: assistants can become genuinely “useful” across apps without each vendor reinventing a bespoke plugin system.
WordPress.com adopting MCP is significant because it positions WordPress not just as a place where content lives, but as a system that can be queried like an API-first knowledge base. When your CMS can be interrogated conversationally, editorial operations start to look like an interactive command center: “What shipped today?”, “What’s scheduled?”, “What’s underperforming?”, “What needs updating?”
For publishers and marketers, the near-term win is clarity and time savings. For developers and agencies, the win is standardization: once MCP connections are stable, you can build repeatable, cross-client workflows that don’t depend on fragile scraping or one-off admin processes.
AI blog automation lands on WordPress via MCP in a pragmatic, controlled form: the official WordPress.com integration focuses on secure, user-controlled, read-only access that helps assistants answer questions using your real site data. That alone can remove hours of repetitive reporting and context gathering from a weekly editorial cycle.
The next phase, write, edit, and publish automation, already exists in parts of the ecosystem via third-party MCP servers and the WordPress REST API, but it raises the security stakes considerably. As MCP becomes the default “AI-to-apps” interface, the teams that win will be the ones that pair automation with strong permissions, auditing, and deliberate human oversight.
