Activity Log for MCP

Description

AI agents are starting to talk to WordPress sites directly. Claude Desktop, ChatGPT custom GPTs, and a growing list of MCP clients can connect to your site, browse content, place orders, edit posts, or call any custom tool you expose. The Model Context Protocol (MCP) is the open standard that makes this possible.

The problem: by default, you can’t see any of it. Requests come in, things change, and there’s no record of what an agent actually did, when it did it, or which user it acted as.

Activity Log for MCP records every MCP request the moment it hits your site. You see the route, the ability that was called, the user it acted as, the request body, the response, and whether it succeeded. Everything is browsable in a clean React admin page that feels like the rest of WordPress.

If you’re running an AI integration, debugging a custom MCP server, or just want a paper trail before letting agents touch your data — this is the visibility layer.

What you get

A real-time log of every MCP request, with filters for date range, ability name, and user. Click any row to inspect the full request and response, copy bodies to your clipboard, or trace a single agent session end-to-end. Sortable columns, configurable per-page counts (10 to 500), and full-text search across request and response bodies. Export to CSV when you need to share findings or feed them into another tool.

The whole interface is built with @wordpress/components so it inherits the WordPress design language — no jarring custom UI to learn.

Built for both halves of the audience

If you’re a site owner: install, activate, and click into Tools → MCP Logs. There’s no setup screen and no configuration — the plugin starts logging the moment an MCP client makes a request.

If you’re a developer: there’s a full REST API for every admin feature, authenticated via WordPress Application Passwords or WooCommerce API keys. The plugin is also itself MCP-aware — it registers an MCP server with seven abilities, so an AI agent can introspect its own activity log programmatically. Source ships under src/ and builds with npm run build.

Why you’d want this

• Debug a custom MCP integration without tailing server logs
• Audit AI agent activity on production sites before something goes wrong
• Review per-tool error rates to spot which abilities are flaky
• Trace a single agent session end-to-end when something breaks
• Export logs for compliance reviews or external analysis
• Let an AI agent monitor its own activity through the MCP server

REST API

Every admin feature is exposed under /wp-json/activity-log-for-mcp/v1/:

• GET /requests — list with filters, sort, and pagination
• GET /stats — totals, success rate, and calls per ability
• GET /sessions/{id} — every request in a session, in order
• GET /search — full-text across routes, abilities, and bodies
• GET /errors — recent failed executions and HTTP errors
• GET /tool-performance — per-ability call count, error rate, and unique users
• GET /filters — distinct ability names and users for dropdowns
• GET /export-csv — server-side streamed CSV download
• DELETE /requests — clear all logs
• DELETE /retention — delete logs older than a given date

MCP abilities

The plugin registers itself as an MCP server (activity-log-for-mcp-server) with seven abilities agents can call directly:

• get-activity — paginated log retrieval with filters
• get-stats — summary metrics with optional date range
• get-activity-by-session — full session trace, with optional body exclusion for lighter payloads
• search-activity — full-text search across stored requests and responses
• analyze-errors — recent errors with full details
• get-tool-performance — per-ability performance metrics
• clear-old-logs — date-based retention cleanup

Privacy and data handling

All data stays in your WordPress database — nothing is sent anywhere. Logs live in a custom table named {prefix}alfmcp_requests. You control retention and can clear everything from the admin UI or via REST. There’s no telemetry, no third-party calls, no external dependencies at runtime.

Disclaimer

Activity Log for MCP is not affiliated with, endorsed by, or sponsored any AI provider or the Model Context Protocol project. “MCP” and “Model Context Protocol” are referenced solely to describe the open protocol that this plugin observes.

Privacy Policy

Activity Log for MCP records REST API requests that contain the Mcp-Session-Id header. Logged data includes request routes, methods, headers, bodies, response data, user IDs, and timestamps. All data is stored in your WordPress database and is never transmitted to external services.