WordpexAI is an operations platform for production WordPress sites. Every design decision around security, AI safety, and data handling reflects that context. This page documents the controls that are in place and the ones currently in progress.
The trust model is the product. The most important thing this platform does is not the AI — it is the layer that makes the AI safe to use on production WordPress.
The core security model is that WordpexAI has no privileged standing access to your WordPress site. Every interaction is short-lived, signed, scoped, and audited.
WordpexAI engineers do not have standing access to your WordPress site. The only channel into your site is the signed action system — short-TTL, scoped to one operation, verified by the connector before execution.
Every action dispatched to your site carries an HMAC-SHA256 signature bound to the action ID, site ID, action type, issued timestamp, expiry, and a single-use nonce. The connector rejects any action that fails signature verification, has expired, or reuses a nonce.
Every action nonce is recorded on your site and checked before execution. Replayed requests — even with valid signatures — are rejected. Nonces are pruned after 15 minutes.
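A sketch of the connector-side checks described in the two paragraphs above (signature, expiry, single-use nonce), added here as an example and not WordpexAI's connector code. The field encoding, the function and class names, and the rule that an action's lifetime may not exceed the 15-minute nonce window are assumptions; the page does not specify them.

```python
import hashlib
import hmac
import json

NONCE_TTL = 15 * 60  # nonce retention stated on the page: 15 minutes
FIELDS = ("action_id", "site_id", "action_type", "issued_at", "expires_at", "nonce")


def canonical(action):
    # Assumed encoding: JSON array of the six bound fields in a fixed order,
    # so field boundaries stay unambiguous (plain concatenation would not).
    return json.dumps([action[f] for f in FIELDS], separators=(",", ":")).encode()


def sign(secret, action):
    return hmac.new(secret, canonical(action), hashlib.sha256).hexdigest()


class Verifier:
    def __init__(self, secret):
        self.secret = secret
        self.seen = {}  # nonce -> time it was first accepted

    def verify(self, action, signature, now):
        # 1. Authenticate first, in constant time; no field is trusted before this.
        try:
            ok = hmac.compare_digest(sign(self.secret, action), signature)
        except (KeyError, TypeError):
            ok = False
        if not ok:
            return "bad_signature"
        # 2. Validity window. A lifetime longer than the nonce window is refused,
        #    otherwise a nonce could be pruned while its action is still valid.
        if action["expires_at"] - action["issued_at"] > NONCE_TTL:
            return "ttl_too_long"
        if not action["issued_at"] <= now < action["expires_at"]:
            return "outside_window"
        # 3. Single use: prune old nonces, then reject any nonce already recorded.
        self.seen = {n: t for n, t in self.seen.items() if now - t < NONCE_TTL}
        if action["nonce"] in self.seen:
            return "replayed"
        self.seen[action["nonce"]] = now
        return "ok"


def demo():
    secret = b"constructed-demo-secret"  # constructed sample values throughout
    action = dict(zip(FIELDS, ("act-1", "site-9", "update_plugin", 1000, 1120, "n-abc")))
    sig, v = sign(secret, action), Verifier(secret)
    return [v.verify(action, sig, 1010), v.verify(action, sig, 1020), v.verify(action, sig, 1200)]
```

`demo()` submits the same signed action three times: it is accepted once, rejected as a replay while still inside its validity window, and rejected as outside the window after expiry.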
Each organisation's data is isolated by organisation ID at the database query level. There are no cross-tenant data paths in the API.
AI is powerful for analysis and recommendation. It is dangerous without explicit controls around execution. These are the controls that constrain the AI layer.
Specialist agents analyse telemetry and produce recommendations. They cannot dispatch actions, request credentials, or mutate production. Execution is a separate gated layer.
Proposals below a configurable confidence threshold (default 82%) are held as recommendation-only and cannot be dispatched, even in Autonomous mode.
Medium, high, and critical-risk actions are blocked until a pre-update snapshot has been created and verified on your server. The policy engine enforces this gate — it cannot be bypassed from the dashboard.
Switching to Autonomous mode is blocked until at least one successful snapshot has been confirmed for that site. This ensures rollback is available before any autonomous action is attempted.
The connector plugin is the only piece of WordpexAI software running on your server. Its security properties are as important as the API's.
Connector token and secret are encrypted using AES-256-CBC keyed from your WordPress AUTH_KEY before being stored in the options table.
The connector uses only the WordPress capability checks appropriate to the requested action (read, manage_options, update_plugins, activate_plugins). It cannot run arbitrary PHP or shell commands.
Your WordPress server never receives unsolicited connections from WordpexAI. Actions are dispatched via a REST endpoint only when your organisation has approved or configured auto-execution.
The connector refuses to send heartbeats to non-HTTPS API endpoints on non-local hosts. Credentials are never sent over plain HTTP.
We are building toward SOC 2 Type II. Our GDPR and UK GDPR compliance is documented in the DPA, which is available to all customers.
Our data model is narrow by design. We are a control plane, not a data platform.
We collect site operational telemetry (plugin metadata, health signals), incident and workflow records, account data, and audit logs. Telemetry is retained for 30 days and audit logs for 1 year.
We do not collect visitor personal data, site content, database contents, or pre-update snapshots. Snapshots are stored exclusively on your own server in wp-content/wordpex-snapshots/. Nothing from snapshots is uploaded to our API.
Telemetry summaries are sent to Anthropic's Claude API for incident analysis. Anthropic does not train on API data by default under their standard usage policy. We do not send visitor personal data or site content to the model.
If you discover a security issue, please report it to security@wordpex.com with a description of the vulnerability. We will acknowledge within 24 hours and aim to resolve critical issues within 7 days.
Every action proposed, approved, rejected, and executed is recorded with a correlation ID and cannot be edited. Audit logs are available in your dashboard and can be exported on request.
The audit log records every heartbeat received, every incident created, every proposal generated, every policy decision made, every approval granted or rejected, every action dispatched, and every rollback executed. Each entry includes a timestamp, actor, correlation ID, and full payload.
Action signatures and connector secrets are never written to audit logs. Only the action ID, type, and outcome are recorded — never the cryptographic material that would allow replay.
Contact our security team at security@wordpex.com. Enterprise customers can request our security questionnaire, architecture diagram, and pending SOC 2 bridge letter.