Security Assistant
🔒 Security Assistant
> Monitors your site for security threats. Checks failed logins, outdated plugins, suspicious user accounts, and recently modified files.
| Field | Value |
|---|---|
| Slug | security-assistant |
| Version | 1.0.0 |
| Category | Security |
| Author | Agentic Community |
| Required Capabilities | manage_options |
What It Does
Security Assistant monitors your WordPress site for threats and can take action when it finds them. It checks for failed login attempts grouped by IP address to identify brute-force patterns, lists plugins with available updates (the leading cause of WordPress compromises), and flags unexpected administrator or editor accounts.
The agent scans for recently modified PHP files that could indicate malicious code injection, monitors new user registrations for bot activity, and verifies WordPress core file integrity against official checksums to detect tampering.
When threats are found, Security Assistant can act: it can force a password reset on compromised user accounts, sending a standard WordPress reset email that requires the user to change their password before logging in again.
Beyond security, it includes engagement analysis tools that evaluate user behaviour signals — comment activity, content freshness, and exit page analysis — providing a fuller picture of site health through the lens of both security and user experience.
Tools
| Tool | Risk | Description |
|---|---|---|
get_security_overview | Low | Run a comprehensive security health check: failed logins, plugin updates, admin count, recent registrations, and a risk level summary with prioritised action items. |
get_failed_logins | Low | Check for failed login attempts in the site's security log. Returns individual events grouped by IP address to identify brute-force patterns. |
check_plugin_updates | None | Check which active plugins have available updates. Outdated plugins are a major security risk. |
list_privileged_users | Low | List users with elevated privileges (administrators and editors). Useful for reviewing who has access to sensitive site functions. |
get_recent_registrations | Low | List recently registered users. Useful for detecting bot registrations or unauthorised signups. |
check_file_modifications | None | Scan for recently modified PHP files in key WordPress directories. Unexpected modifications could indicate a compromise. |
verify_core_integrity | None | Compare WordPress core files against official checksums to detect modified, missing, or unexpected files. |
force_password_reset | High | Send a password reset email to a user, forcing them to change their password. Useful after detecting compromised credentials or suspicious login activity. |
get_engagement_overview | None | Analyse user engagement signals across the site: comment activity, content freshness, average word count, and integration with Site Kit and Jetpack Stats if available. |
get_top_exit_pages | None | Identify pages most likely to cause visitors to leave your site based on dead-end analysis (no internal links, thin content, no images). |
Example Prompts
- "Run a full security scan"
- "Show me recent failed login attempts"
- "Are any of my plugins outdated?"
- "Show all administrator accounts"
- "Force a password reset for user #5"
- "Check if any WordPress core files have been modified"
- "Were there any suspicious user registrations in the last week?"
- "Show me my site's engagement overview and which pages people are leaving from"
_Generated by Agent Builder for WordPress_