WordPress.org
Get WordPress
WordPress.org

Plugin Directory

Buildli

Buildli

By wpagentapp
Download

Description

Buildli is the small, zero-dependency bridge between your self-hosted WordPress site and buildli.app — an AI-powered chat interface that edits your site on request.

After activating the plugin and connecting your site, you can open the chat at buildli.app and ask for changes in plain language:

  • “Create a Contact page with a simple form and a map.”
  • “Rewrite the homepage hero to focus on our new summer collection.”
  • “Translate the FAQ into French and publish it as a new page.”
  • “Fix the SEO titles on my five most-visited blog posts.”

Every action is previewed before it runs, revisions are saved so any change can be undone, and an emergency recovery URL lets you disable the connector with a single click if anything ever goes wrong.

Built-in safety:

  • Preview-first — every write action is shown to you in the chat before it runs.
  • Automatic revisions — updates snapshot the previous state so one click reverts them.
  • Draft mode — an optional per-site toggle that forces every agent write to land in draft.
  • Recovery URL — a secret one-time URL that disables the connector even if your admin is broken.
  • Audit log — every tool execution is recorded in your Buildli dashboard.

Zero dependencies. The plugin is a few hundred lines of PHP that only uses WordPress core APIs — no third-party libraries, no database tables, no analytics, no outbound calls except to the Buildli API.

Your API key stays with us. The plugin holds only its own site-specific token; the AI provider API key Buildli uses is never exposed to the plugin or your site.

Self-hosted only. This plugin targets WordPress.org (self-hosted) sites — it cannot be installed on WordPress.com.

Disclaimer. Buildli is an independent product and is not affiliated with, endorsed by, or sponsored by the WordPress Foundation, Automattic, or any other entity.

How it works

  1. You connect your site at buildli.app using WordPress’s built-in Application Passwords flow — you’re redirected to your own admin, approve, and come back.
  2. The plugin is auto-installed and stores a unique token.
  3. From then on, Buildli signs every request to your site with HMAC-SHA256 using that token.
  4. When you chat at buildli.app, the agent calls this plugin’s REST endpoints to read and modify content on your behalf — only actions you approve.

Privacy

  • The plugin does not call any third-party service on its own.
  • On activation, it registers REST endpoints on your site at /wp-json/buildli/v1/.
  • When you trigger changes from buildli.app, the content of the post or page you’re editing is sent to the Buildli API (and onward to the underlying AI model) so the assistant can reason about it. This is disclosed in our Privacy Policy at https://buildli.app/legal/privacy.
  • Site events (post created, plugin activated, theme switched) are sent as webhook notifications to buildli.app so the assistant’s context stays fresh. You can disable webhooks in the plugin settings.

Screenshots

Installation

Automatic (recommended):

  1. Sign up at buildli.app
  2. Paste your site URL and click “Connect with WordPress”
  3. Approve the connection in your WP admin
  4. Done — the plugin is installed and configured automatically.

Manual:

  1. Download the latest release ZIP from buildli.app or wordpress.org
  2. In WP admin, go to Plugins Add New Upload Plugin, select the ZIP, click Install Now, then Activate
  3. Go to Settings Buildli and paste the token shown in your buildli.app dashboard

FAQ

Does this work with page builders like Elementor or Divi?

Yes for most read operations and for posts using Gutenberg. Direct edits to Elementor/Divi post_content are blocked by the plugin because they’d break the builder’s proprietary data.

What happens if the agent breaks my site?

Every write-tool action creates a WordPress revision before it runs. In the chat UI, each action has an Undo button that restores the revision. If something goes catastrophically wrong, your “recovery URL” — shown once at setup — disables the connector with a single click, even if you can’t reach your admin.

Does Buildli store my content?

The chat conversation is stored at buildli.app so you can pick up where you left off. Post/page content is sent to the AI only at the moment you ask for an edit; it is not retained for training. Enterprise customers can request Zero Data Retention.

Can I disconnect the site?

Yes — deactivate the plugin, or delete the site in your Buildli dashboard. Either cuts the connection immediately.

Reviews

There are no reviews for this plugin.

Contributors & Developers

“Buildli” is open source software. The following people have contributed to this plugin.

Contributors

Translate “Buildli” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

0.4.4

  • Security: tool exception messages are now stripped of HTML before being returned to the cloud, preventing reflected-XSS via malformed third-party plugin error messages.
  • Security: capabilities endpoint now returns only currently-active plugins. Inactive plugins are no longer enumerated in the response.
  • Cleanup: added uninstall.php so the API token, recovery-token hash, and legacy plaintext recovery-token are deleted when the plugin is removed (not just deactivated). Multisite-aware.

0.4.3

  • Security: recovery token is now stored as a SHA-256 hash in wp_options instead of plaintext. Sites upgrading from 0.4.2 or earlier will see the legacy plaintext value cleaned up automatically the next time the cloud handshakes with the connector.

0.4.2

  • Multilingual support: new i18n adapter detects WPML or Polylang and exposes i18n.list_languages and i18n.get_translations so the AI can locate translated counterparts of any post and edit them through the regular post tools.

0.4.1

  • Privacy Policy URL in readme.txt now points to the correct path (/legal/privacy).

0.4.0

  • Universal adapter framework — Buildli now natively edits posts on Gutenberg, Elementor, WooCommerce, Yoast / Rank Math / AIOSEO, ACF, Divi, Bricks Builder, and Beaver Builder.
  • Adapter-aware tool dispatch: one tool name (update_component) automatically routes to the right builder per post.
  • New /buildli/v1/capabilities endpoint reports the active builders and integrations on the site so the AI knows what it can edit.
  • Snapshot/restore now captures builder-specific meta (Elementor _elementor_data, Beaver _fl_builder_data, etc) so undo is faithful across builders.

0.3.1

  • Plugin Check compliance: wrapped all throw new Exception() messages in esc_html() / esc_html__().
  • Sanitized $_SERVER['REMOTE_ADDR'] with wp_unslash() + sanitize_text_field() in the recovery rate limiter.
  • Shortened the readme.txt short description to fit the 150-character limit.

0.3.0

  • Renamed plugin to Buildli; new REST namespace buildli/v1 and HTTP signature headers X-Buildli-*.
  • All code prefixes, options, and constants updated to the buildli_ / BUILDLI_ prefix per WordPress.org guidelines.
  • Recovery page styles moved to a registered stylesheet (no inline <style>).
  • Removed load_plugin_textdomain() call (handled automatically since WP 4.6).

0.2.0

  • Added /setup endpoint for one-click connection via Application Passwords.
  • Added revert_to_revision and delete_post tools so in-chat undo can restore prior post states.
  • Added site-event webhooks so manually-made changes keep the agent’s context fresh.
  • Added /health and read_site_info improvements.

0.1.0

  • Initial release.

Meta

Ratings

No reviews have been submitted yet.

Your review

See all reviews

Contributors

Support

Got something to say? Need help?

View support forum