Title: Clautron Author: dudaster Published: June 23, 2026 Last modified: June 23, 2026 --- Search plugins ![](https://s.w.org/plugins/geopattern-icon/clautron.svg) # Clautron By [dudaster](https://profiles.wordpress.org/dudaster/) [Download](https://downloads.wordpress.org/plugin/clautron.1.0.9.zip) * [Details](https://wordpress.org/plugins/clautron/#description) * [Reviews](https://wordpress.org/plugins/clautron/#reviews) * [Installation](https://wordpress.org/plugins/clautron/#installation) * [Development](https://wordpress.org/plugins/clautron/#developers) [Support](https://wordpress.org/support/plugin/clautron/) ## Description Clautron is an AI-powered WordPress functionality builder that lets you create workflows, admin tools, and custom site behaviors from reusable declarative primitives — without writing code. Describe what you want in plain language and Clautron generates the configuration. Features are built from pre-defined, composable building blocks called primitives. **Key features:** * **AI-assisted blueprint generation** — describe functionality in plain language and Clautron generates the configuration automatically * **Reusable primitives** — build features from pre-defined, composable building blocks * **Scheduled jobs** — run one-time or recurring automated tasks with cron expressions * **Custom reports** — create data queries and display results in the admin area * **Safe by design** — a safety policy layer prevents dangerous operations ### External Services This plugin uses the WordPress AI Client (built into WordPress 7.0+) to generate blueprint configurations from natural language descriptions. Clautron does not directly connect to any external AI service. All AI requests are routed through the WordPress AI Client. The provider that receives your prompts is determined by the AI provider configured in your WordPress installation’s AI settings. Please refer to the terms of service and privacy policy of your configured AI provider. ## Installation 1. Upload the `clautron` folder to the `/wp-content/plugins/` directory. 2. Activate the plugin through the **Plugins** menu in WordPress. 3. Navigate to **Clautron** in the admin menu. 4. Go to **Settings** and enter your AI provider API key. ## FAQ ### Which AI providers are supported? Clautron uses the WordPress AI Client (built into WordPress 7.0+). The provider is configured at the WordPress level — go to your WordPress AI settings to choose and configure a provider. No API keys are stored by this plugin. ### Is my data sent to third-party services? Only the natural language prompts you type in the AI Assistant are sent to your AI provider, via the WordPress AI Client. Clautron does not directly connect to any external AI service — all communication is handled by WordPress core. No WordPress content, posts, users, or site data is transmitted. ### What are primitives? Primitives are the building blocks of Clautron features — pre-defined, reusable units of WordPress functionality such as custom post types, meta fields, admin columns, scheduled tasks, and more. ### Does this plugin store data in the database? Yes. Clautron creates its own database tables (prefixed with `wp_clautron_`) to store blueprints, conversation history, scheduled jobs, workflow state, and execution logs. All data is removed if you uninstall the plugin. ### What permissions are required? Clautron is accessible only to administrators (`manage_options` capability). No frontend functionality or public-facing pages are added to your site. ## Reviews There are no reviews for this plugin. ## Contributors & Developers “Clautron” is open source software. The following people have contributed to this plugin. Contributors * [ dudaster ](https://profiles.wordpress.org/dudaster/) [Translate “Clautron” into your language.](https://translate.wordpress.org/projects/wp-plugins/clautron) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/clautron/), check out the [SVN repository](https://plugins.svn.wordpress.org/clautron/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/clautron/) by [RSS](https://plugins.trac.wordpress.org/log/clautron/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 1.0.9 * Hardened write_option primitive: added comprehensive denylist blocking WordPress core options and any option name containing sensitive substrings (password, secret, api_key, token, salt, private_key). * Hardened read_option primitive: added denylist blocking reads of auth keys, salts, passwords, and API credential options to prevent exposure of sensitive data. #### 1.0.8 * Migrated AI integration to WordPress AI Client (WordPress 7.0+) — removed direct Anthropic, OpenAI, Grok, and Ollama provider integrations. * Added missing nonce checks to handle_delete_blueprint, handle_rollback_version, handle_get_blueprint_preview AJAX handlers. * Added nonce to admin list table filter (primitive-ui) and verified on parse_query. * Fixed unsafe SQL in DB uninstall and migration: DROP TABLE, SHOW COLUMNS, ALTER TABLE now use wpdb::prepare() with %i placeholder. * Updated minimum WordPress requirement to 7.0. #### 1.0.7 * Fixed SQL query builders: replaced dynamic WHERE/ORDER concatenation with fully literal SQL strings and bypass conditions to satisfy WordPress.DB.PreparedSQL. NotPrepared. * Moved tests/ directory outside the plugin folder (development-only, not distributed). * Removed stray .DS_Store file. #### 1.0.6 * Fixed EscapeOutput: use JSON_HEX_TAG instead of str_replace for JSON-LD script output. * Fixed SQL preparation: refactored query/aggregate builders to use %i table placeholder and single prepare() call with explicit placeholders. * Fixed input handling: replaced direct $_GET/$_POST access with filter_input() throughout. * Renamed non-prefixed page-scope variables to use clautron_ prefix. #### 1.0.4 * Replaced all external policy deep-links with root domain URLs to avoid Cloudflare- blocked automated checks. #### 1.0.3 * Updated external service URLs in readme (OpenAI policy links). * Confirmed compatibility with WordPress 7.0. #### 1.0.2 * Security: added explicit nonce checks in all AJAX handlers. * Security: added capability checks in admin page callbacks. * Removed create_user primitive per wp.org review guidelines. * Author URI updated to WordPress.org profile. #### 1.0.0 * Initial release. ## Meta * Version **1.0.9** * Last updated **24 hours ago** * Active installations **Fewer than 10** * WordPress version ** 7.0 or higher ** * Tested up to **7.0** * PHP version ** 8.1 or higher ** * Tags * [AI](https://wordpress.org/plugins/tags/ai/)[automation](https://wordpress.org/plugins/tags/automation/) [blueprints](https://wordpress.org/plugins/tags/blueprints/)[No-code](https://wordpress.org/plugins/tags/no-code/) [workflow](https://wordpress.org/plugins/tags/workflow/) * [Advanced View](https://wordpress.org/plugins/clautron/advanced/) ## Ratings No reviews have been submitted yet. [Your review](https://wordpress.org/support/plugin/clautron/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/clautron/reviews/) ## Contributors * [ dudaster ](https://profiles.wordpress.org/dudaster/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/clautron/)