Version 0.1.0
June 12, 2026
Initial release. An OAuth-authenticated MCP server for Craft CMS that lets AI assistants perform content operations as a named editor, with Craft-native permission enforcement.
Added
- 15-tool content-ops surface — discovery (`list_sections`, `list_section_fields`, `list_asset_volumes`), entries (`find_entries`, `get_entry`, `create_entry`, `update_entry_fields`, `set_entry_status`, `delete_entry`), assets (`find_assets`, `get_asset`, `upload_asset`), categories/globals (`list_categories`, `get_global`), and `who_am_i`. Intent-shaped, not API-shaped.
- OAuth 2.1 + PKCE + Dynamic Client Registration over HTTP/SSE — the formal MCP auth flow, built on `league/oauth2-server`. RFC 8414/9728 discovery, RFC 7591 DCR, RFC 7009 revocation.
- Per-user identity binding — every session resolves to exactly one Craft user; tool calls execute as that user, so per-section and per-element permissions are enforced natively. Authorization is OAuth scope ∧ Craft permission.
- Capability-grouped scopes — `content:read`, `content:write`, `content:publish`, `content:delete`, `assets:write` — surfaced on a plain-English consent screen.
- High-stakes elevation — `content:publish` / `content:delete` require a fresh elevated session via an in-band `/oauth/elevate` flow.
- Refresh-token rotation with theft detection — replaying a consumed token revokes the entire chain.
- Control panel UI — token list/revoke, audit log browser, and per-environment configuration. Ships disabled in production.
- Security controls — per-user rate limiting, optional IP allowlist, DCR approval gate and per-IP rate limit, server-side asset MIME validation, security-event webhooks, audit retention pruning, and a kill switch.
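The refresh-token rotation and theft-detection behaviour listed above, as an added illustration in Python (the plugin itself is PHP, and this is not its code): each refresh token belongs to a chain, a successful exchange consumes the presented token and issues a successor in the same chain, and presenting an already-consumed token revokes the whole chain and records a security event. The `TokenStore` class, its in-memory storage and the event tuples are all constructed for the example.

```python
"""Refresh-token rotation with replay (theft) detection.

Constructed illustration, not the plugin's code. Every refresh token belongs to a
chain (one chain per grant). A successful exchange marks the presented token
consumed and issues its successor in the same chain. Presenting a token that
was already consumed means two parties hold copies, so the whole chain is
revoked and a security event is recorded.
"""
import secrets
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class RefreshToken:
    value: str
    chain_id: str
    consumed: bool = False


@dataclass
class TokenStore:
    tokens: Dict[str, RefreshToken] = field(default_factory=dict)  # value -> token
    revoked_chains: Set[str] = field(default_factory=set)
    events: List[Tuple] = field(default_factory=list)  # what a security webhook would receive

    def issue_initial(self) -> RefreshToken:
        """Start a new chain, e.g. when the authorization code is exchanged."""
        token = RefreshToken(value=secrets.token_urlsafe(32),
                             chain_id=secrets.token_urlsafe(16))
        self.tokens[token.value] = token
        return token

    def rotate(self, presented: str) -> Optional[RefreshToken]:
        """Exchange a refresh token for its successor; None means the request was refused."""
        token = self.tokens.get(presented)
        if token is None or token.chain_id in self.revoked_chains:
            self.events.append(("refresh_rejected", "unknown_or_revoked"))
            return None
        if token.consumed:
            # Replay: this token was already exchanged once, so whoever presents
            # it now holds a stale copy. Kill the entire chain, which also
            # invalidates the successor that the other holder still has.
            self.revoke_chain(token.chain_id, reason="refresh_token_replay")
            return None
        token.consumed = True
        successor = RefreshToken(value=secrets.token_urlsafe(32), chain_id=token.chain_id)
        self.tokens[successor.value] = successor
        return successor

    def revoke_chain(self, chain_id: str, reason: str) -> None:
        """Revoke every token in the chain and emit a security event."""
        self.revoked_chains.add(chain_id)
        self.events.append(("chain_revoked", chain_id, reason))

    def is_valid(self, value: str) -> bool:
        """Whether a refresh token could still be exchanged right now."""
        token = self.tokens.get(value)
        return (token is not None and not token.consumed
                and token.chain_id not in self.revoked_chains)
```

The design point is that a replay is not answered with a plain "invalid token": the server cannot tell which of the two holders is the attacker, so it revokes both by killing the chain and forces a fresh authorization.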
Security
- Element-level authorization on every tool: reads gate on `canView()`, writes on `canSave()`, deletes on `canDelete()` — peer/draft restrictions included.
- `find_entries` `orderBy` is allowlisted to known columns resolved as Yii sort specs (no raw SQL expressions).
- Asset upload folder paths are validated against traversal, separators, and control characters.
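The three checks above (scope ∧ element permission with elevation for high-stakes scopes, the `orderBy` allowlist, and folder-path validation), as an added Python illustration that is not the plugin's code. Craft's `canView()`/`canSave()`/`canDelete()` are stood in for by plain callables on a stub `Element`; the tool-to-scope mapping in `TOOL_REQUIREMENTS`, the 300-second elevation window, and the column allowlist in `ORDERABLE_COLUMNS` are assumptions chosen for the example.

```python
"""Authorization and input-hardening checks behind the tool surface.

Constructed illustration, not the plugin's own code. Craft's canView()/canSave()/
canDelete() are stood in for by plain callables on a stub Element; the
tool-to-scope mapping, the elevation TTL and the sort-column allowlist are
assumptions.
"""
import re
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Set, Tuple

# Assumed mapping: tool -> (OAuth scope it needs, Craft element check it gates on).
TOOL_REQUIREMENTS = {
    "get_entry": ("content:read", "canView"),
    "update_entry_fields": ("content:write", "canSave"),
    "set_entry_status": ("content:publish", "canSave"),
    "delete_entry": ("content:delete", "canDelete"),
}
HIGH_STAKES_SCOPES = {"content:publish", "content:delete"}
ELEVATION_TTL_SECONDS = 300  # assumed freshness window for an elevated session


@dataclass
class Session:
    user_id: int
    scopes: Set[str]
    elevated_at: Optional[float] = None  # set by the /oauth/elevate flow


@dataclass
class Element:
    id: int
    perms: Dict[str, Callable[[int], bool]]  # stand-in for canView/canSave/canDelete(user)


def authorize(tool: str, session: Session, element: Element,
              now: Optional[float] = None) -> Tuple[bool, str]:
    """Allow only if the OAuth scope AND the Craft permission both hold,
    plus a fresh elevation for high-stakes scopes."""
    now = time.time() if now is None else now
    if tool not in TOOL_REQUIREMENTS:
        return False, "unknown_tool"
    scope, check = TOOL_REQUIREMENTS[tool]
    if scope not in session.scopes:
        return False, f"missing_scope:{scope}"
    if scope in HIGH_STAKES_SCOPES and (
        session.elevated_at is None or now - session.elevated_at > ELEVATION_TTL_SECONDS
    ):
        return False, "elevation_required"
    if not element.perms[check](session.user_id):
        return False, f"craft_denied:{check}"
    return True, "ok"


# Assumed allowlist: client-facing sort key -> real column. Anything else is rejected.
ORDERABLE_COLUMNS = {"title": "title", "postDate": "postDate", "dateUpdated": "dateUpdated"}


def resolve_order_by(spec: str) -> List[Tuple[str, str]]:
    """Turn 'postDate desc, title' into [(column, direction)] (the shape of a Yii
    orderBy array); no user-supplied text ever reaches the query as an expression."""
    resolved = []
    for part in spec.split(","):
        pieces = part.split()
        if not pieces:
            continue
        if len(pieces) > 2:
            raise ValueError(f"orderBy rejected: {part.strip()!r}")
        column = pieces[0]
        direction = pieces[1].lower() if len(pieces) == 2 else "asc"
        if column not in ORDERABLE_COLUMNS or direction not in ("asc", "desc"):
            raise ValueError(f"orderBy rejected: {part.strip()!r}")
        resolved.append((ORDERABLE_COLUMNS[column], direction))
    return resolved


_CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")


def validate_folder_path(path: str) -> str:
    """Accept relative 'a/b/c' volume sub-paths; reject control characters,
    backslash separators, absolute paths, empty segments and traversal."""
    if _CONTROL_CHARS.search(path):
        raise ValueError("control character in folder path")
    if "\\" in path:
        raise ValueError("backslash separator in folder path")
    if path == "":
        return ""  # volume root
    if path.startswith("/"):
        raise ValueError("absolute folder path")
    segments = path.split("/")
    if any(seg in ("", ".", "..") for seg in segments):
        raise ValueError("traversal or empty segment in folder path")
    return "/".join(segments)


def is_rejected(fn: Callable[[str], object], value: str) -> bool:
    """True if the validator raised ValueError for this input."""
    try:
        fn(value)
    except ValueError:
        return True
    return False
```

`authorize` returns a reason string so the audit log can distinguish a missing scope from a Craft-side denial; both must pass, which is the ∧ in "OAuth scope ∧ Craft permission".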
Verified
- End-to-end against a real Craft 5.9 install (Postgres and MySQL) — 36 scripted checks plus a limited-permission deny-path proof.
- PHPStan level 5 and ECS (PSR-12) clean.