Description
VideoWhisper Site Manager helps you manage WordPress posts and pages through ChatGPT (Custom GPT + Actions) using your account (and subscription), without embedding an AI service inside WordPress.
It provides:
- A secure REST layer for content operations
- A generated OpenAPI schema URL for GPT Actions import
- A guided onboarding flow with copy/paste values for ChatGPT Builder
- One-click creation of a WordPress Application Password (shown once, not stored)
- Safety controls such as HTTPS enforcement, draft-first behavior, and publish gating
The plugin does not call OpenAI (or any AI provider) directly. Your WordPress site exposes authenticated endpoints and setup guidance. You connect it to ChatGPT yourself with own account and subscription (optional).
Ideal for
- Site owners who want to draft/edit WordPress content by chat
- Teams using a dedicated WordPress user (recommended: Editor) for AI-assisted publishing workflows
- Mobile workflows after desktop setup (configure once, then use the GPT on phone/tablet)
Direct Mode (current version)
- Install and activate VideoWhisper Site Manager.
- Open VideoWhisper Site Manager > Onboarding.
- Create (or link) a dedicated WordPress user (recommended role: Editor).
- Create an Application Password from the onboarding page (one click).
- In ChatGPT Builder (desktop), create a Custom GPT and import the plugin OpenAPI schema URL.
- Use the provided copy/paste values for Configure and Actions.
- Test on desktop, then use the same GPT on mobile.
Features
- ChatGPT / GPT Actions integration via generated OpenAPI schema URL (
/wp-json/videowhisper-site-manager/v1/openapi) - GPT Actions onboarding aligned with current auth UI (
Authentication Type: API Key,Auth Type: Basic) - One-click Application Password creation for the dedicated operator user (plaintext shown once, not stored)
- Guided onboarding with copyable values for:
- GPT Name, Description, Instructions, Conversation Starters
- Action authentication values
- Schema URL and Privacy Policy URL
curlexamples and credential samples
- REST endpoints for listing, reading, creating, and updating WordPress posts/pages
dry_runsupport for safer create/update previews before writing- Draft-first workflow and optional publish permission (
Allow publish) - HTTPS enforcement for plugin endpoints by default (with dev-only HTTP override setting)
- Categories and tags support
- Generic SEO metadata fields (plugin-owned keys)
- Audit logging endpoint for administrators
- Settings endpoint for administrators
- Admin notices and onboarding reminders for incomplete setup
- Recommended GPT capabilities guidance (Web Search / Code Interpreter, etc.)
ChatGPT Setup (Quick Notes)
- Use a Custom GPT on desktop for initial setup.
- In Actions, import the schema from the plugin’s OpenAPI URL (do not paste the whole schema manually).
- For authentication, the onboarding guide provides the values for current GPT Actions UI:
Authentication Type=API KeyAuth Type=Basic
- For GPT sharing/visibility, choose Only Me (recommended). Do not use Link unless you fully understand the risk.
Privacy
This plugin stores the following data on your WordPress site:
- Plugin settings in WordPress options (for example: publish/rate limit/HTTPS behavior settings)
- Audit log entries in a custom database table (
*_vwsm_audit_logs) - Optional dedicated operator user ID reference in WordPress options (when using onboarding helper)
- Short-lived transient for one-time Application Password display after creation (plaintext is not stored long-term)
Audit logs may include:
- Authenticated WordPress user ID
- Request route and method
- Sanitized request/response summaries
- Timestamp and IP address
This plugin does not send data to third-party AI services by itself.
This plugin does not include telemetry/analytics tracking by default.
Site owners are responsible for:
- Securing the site with HTTPS
- Managing WordPress users and Application Passwords
- Configuring GPT sharing safely (recommended: Only Me)
- Reviewing the privacy implications of any external AI service connected to the site’s API
Installation
- Upload the
videowhisper-site-managerplugin folder to/wp-content/plugins/, or install it via the WordPress Plugins screen. - Activate the plugin through the “Plugins” screen in WordPress.
- Open VideoWhisper Site Manager > Onboarding (you will also see an admin reminder notice until setup is complete).
- Create or link a dedicated WordPress user (recommended role: Editor).
- Create an Application Password directly from the onboarding page.
- Open ChatGPT Builder on desktop and follow the provided step-by-step instructions.
- Import the OpenAPI schema from the URL shown in onboarding.
- Paste the provided GPT Configure and Action values, save, and test with a read-only action first.
FAQ
-
Does this plugin store an OpenAI API key?
-
No. This plugin does not store or use OpenAI API keys.
-
How does authentication work?
-
Direct Mode uses WordPress Application Passwords with HTTP Basic Authentication over HTTPS. The onboarding flow can create the Application Password for you and provides GPT Actions-compatible auth values.
-
Can the API publish posts immediately?
-
Not by default. Publishing is blocked unless an administrator enables Allow publish in the plugin settings. The onboarding instructions and GPT guidance also reflect whether publishing is enabled.
-
Why does ChatGPT get a 403 on settings or logs?
-
The
/settingsand/logsendpoints are admin-only by default. This is intentional. A dedicated Editor account can still create/edit content, but cannot access operational endpoints. -
Does the plugin require HTTPS?
-
Yes, by default plugin REST endpoints (including the OpenAPI endpoint) require HTTPS. A development-only setting can allow HTTP if needed on a local/dev environment.
-
Can I set up everything from the plugin without visiting Users > Profile?
-
Yes. You can create the dedicated user and create the Application Password directly from the onboarding page. A profile link is still provided for later review/revocation.
-
What content types are supported?
-
Version 0.2.0 supports WordPress posts and pages.
-
Does it include an AI chat interface inside WordPress?
-
No. This plugin only provides REST endpoints and onboarding for external AI tools.
Reviews
There are no reviews for this plugin.
Contributors & Developers
“VideoWhisper Site Manager” is open source software. The following people have contributed to this plugin.
Contributors
Translate “VideoWhisper Site Manager” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
0.2.1
- Fixed: Moved inline JavaScript on the onboarding page to an enqueued external file (assets/js/admin-onboarding.js) using wp_enqueue_script() and wp_localize_script() per WordPress coding standards
- Fixed: REST permission callback for /content endpoint now checks the post-type-specific capability (e.g. edit_pages for pages) instead of always checking edit_posts
0.2.0
- Added admin Logs page in wp-admin
- Added configurable audit log retention with daily cleanup
- Simplified onboarding with ChatGPT/Generic tabs
- Updated ChatGPT action setup guidance and sharing safety notes
- Moved advanced options to Pro extension hooks and Pro add-on integration improvements
- Added/expanded extension hooks documentation for third-party add-ons
- Policy/readiness cleanup for WordPress.org checks
0.1.0
- Initial release
- Direct Mode REST endpoints for content, settings, logs, and OpenAPI
- ChatGPT / GPT Actions onboarding with generated OpenAPI schema URL
- One-click dedicated user + Application Password onboarding helpers
- GPT Builder step-by-step setup instructions with copy/paste values
- HTTPS enforcement for plugin endpoints (with development override)
- Draft-first workflow with optional publish gate
- Audit logging and admin settings controls