{"mcp_version":"2025-11-25","name":"WebsitePublisher.ai","version":"2.1.0","description":"AI-native website publishing platform. Build, manage, and deploy websites through conversation.","transport":["streamable-http"],"endpoints":{"streamable_http":"https:\/\/mcp.websitepublisher.ai\/mcp\/"},"authentication":{"type":"oauth2","metadata":"https:\/\/mcp.websitepublisher.ai\/mcp\/.well-known\/oauth-protected-resource"},"tools":[{"name":"list_projects","title":"List Projects","description":"List all projects the authenticated user has access to. NOTE: If you are about to build or modify a website, call get_skill first \u2014 it contains required patterns for page structure, SAPI forms, and the go-live checklist."},{"name":"get_project_status","title":"Get Project Status","description":"Get detailed status of a specific project including page, asset, and entity counts"},{"name":"get_skill","title":"Get Agent Skill","description":"ALWAYS call this tool at the start of every conversation where you will build or modify a WebsitePublisher website. Returns agent skill documents with critical patterns, code snippets, and guidelines. Use skill_name=\"design\" before building any HTML pages \u2014 it contains typography, color, layout, and animation guidelines that produce professional-quality websites."},{"name":"create_project","title":"Create Project","description":"Create a new project for the user. Each project is an independent website with its own pages, assets, entities, and subdomain. Respects plan limits (Free: 1 project, Starter: 3, Pro: 10, Agency: unlimited). Returns the new project_id and subdomain."},{"name":"list_pages","title":"List Pages","description":"List all pages in a project"},{"name":"get_page","title":"Get Page","description":"Get a specific page with its content. Returns version and version_hash for use with patch_page."},{"name":"create_page","title":"Create Page","description":"Create a new page with HTML content. Tip: use <!--#wps-include fragment=\"name\" --> to embed reusable fragments (nav, footer). Create fragments first with create_fragment."},{"name":"update_page","title":"Update Page","description":"Replace an existing page with full new content. Requires base_version_hash (from get_page) to prevent accidental overwrites \u2014 send force: true to skip this check. For small changes, use patch_page instead \u2014 it saves tokens and preserves version history."},{"name":"delete_page","title":"Delete Page","description":"Delete a page"},{"name":"patch_page","title":"Patch Page","description":"Apply targeted changes to an existing page without sending the full content. base_version_hash is optional \u2014 if omitted, find\/replace acts as the natural conflict guard. Supports replace, delete, insert_before and insert_after operations. Much more efficient than update_page for small edits."},{"name":"get_page_versions","title":"Get Page Version History","description":"Get the version history of a page. Returns metadata (version numbers, hashes, timestamps, change summaries) \u2014 no content. Useful to check what changed or find a version to rollback to."},{"name":"rollback_page","title":"Rollback Page","description":"Rollback a page to a previous version. Creates a new version with the old content (audit trail preserved). Specify either target_version (number) or target_version_hash. Use get_page_versions to find available versions."},{"name":"list_fragments","title":"List Fragments","description":"List all reusable HTML fragments in a project. Returns fragment_name, include_tag, content and version info."},{"name":"create_fragment","title":"Create Fragment","description":"Create a reusable HTML fragment. Returns include_tag to embed in pages: <!--#wps-include fragment=\"name\" -->. Use for shared elements like nav, footer, banners."},{"name":"update_fragment","title":"Update Fragment","description":"Update a reusable HTML fragment. All pages using its include_tag will serve the new content on next request (cache invalidated automatically). Pass base_version_hash from the fragment's current version to enable optimistic locking \u2014 the update will fail if another edit happened since you last read it. Use force=true to skip the version check."},{"name":"delete_fragment","title":"Delete Fragment","description":"Delete a reusable HTML fragment. Pages using its include_tag will render an empty string in its place."},{"name":"list_assets","title":"List Assets","description":"List all assets (images, CSS, JS, etc.) in a project"},{"name":"get_asset","title":"Get Asset","description":"Read the full content of an existing asset so you can inspect it before patching. Text assets (js, css, json, svg, txt, html) are returned as UTF-8 strings in `content` with `encoding: \"utf-8\"`. Binary assets (images, fonts, pdf) are returned as base64 in `content` with `encoding: \"base64\"`, but only if size \u2264 1MB; above that the content is omitted and you should use the `url` field to download directly. Always returns `version_hash` (md5 of raw bytes) for future optimistic concurrency in patch_asset."},{"name":"upload_asset","title":"Upload Asset","description":"Upload an asset (image, font, PDF, etc). Provide exactly one of: content (base64), content_text (plain text for JS\/CSS\/JSON\/SVG \u2014 preferred, saves tokens), or source_url (public HTTPS URL for images). Set overwrite: true to replace an existing asset."},{"name":"delete_asset","title":"Delete Asset","description":"Delete an asset"},{"name":"patch_asset","title":"Patch Asset","description":"Apply targeted text changes to an existing asset (js, css, json, svg) without re-uploading the full file. Uses find\/replace like patch_page. For binary assets (images, fonts), use upload_asset with overwrite: true instead."},{"name":"list_entities","title":"List Entities","description":"List all entities (data models) in a project. Entities are like database tables that store structured data."},{"name":"create_entity","title":"Create Entity","description":"Create a new entity (data model). Example: create a \"blogpost\" entity with title, content, author fields."},{"name":"get_entity_schema","title":"Get Entity Schema","description":"Get the schema definition of an entity, including all its properties and their types"},{"name":"delete_entity","title":"Delete Entity","description":"Delete an entity and ALL its data. This action cannot be undone!"},{"name":"update_entity","title":"Update Entity","description":"Update entity metadata such as plural name, description, or public_read access. Set public_read to true to make entity data accessible without authentication via \/mapi\/public\/{projectId}\/{entity}."},{"name":"list_records","title":"List Records","description":"List all records of an entity type with optional pagination"},{"name":"get_record","title":"Get Record","description":"Get a single record by ID"},{"name":"create_record","title":"Create Record","description":"Create a new record in an entity. Fields depend on the entity schema."},{"name":"update_record","title":"Update Record","description":"Update an existing record. Only provided fields will be updated."},{"name":"delete_record","title":"Delete Record","description":"Delete a record by ID"},{"name":"vault_list_secrets","title":"List Vault Secrets","description":"List all secrets stored in a project's vault. Returns metadata only (key names, prefixes, service types, status) \u2014 never the actual secret values. Use this to check what credentials are stored before setting up integrations."},{"name":"vault_store_secret","title":"Store Vault Secret","description":"Store or update a secret in the project vault. The value is encrypted with AES-256-GCM and can never be read back. Use this to save API keys for integrations. If the key_name already exists, the value is replaced. For integration setup, prefer setup_integration which handles validation. For production API keys, the Dashboard Vault tab (dashboard.websitepublisher.ai\/vault) is the recommended secure alternative \u2014 keys go directly to encrypted storage without passing through the AI conversation."},{"name":"vault_delete_secret","title":"Delete Vault Secret","description":"Permanently delete a secret from the project vault. This cannot be undone. The encrypted value is destroyed."},{"name":"list_integrations","title":"List Integrations","description":"List all available integrations and their configuration status for a project. Shows which integrations are fully configured (vault secrets present and ready to use) and which are available but need setup. Use get_integration_schema to see the full endpoint details and input parameters for a specific integration."},{"name":"get_integration_schema","title":"Get Integration Schema","description":"Get the full schema of a specific integration: all available endpoints, required fields, and input parameters. Call this before execute_integration to know exactly how to call an endpoint. Use list_integrations first to see which integrations are available."},{"name":"setup_integration","title":"Set Up Integration","description":"Configure an integration by storing its required API keys in the vault. Validates key format against the integration manifest. After setup, the integration endpoints become available for execute_integration calls. Use list_integrations first to see what secrets are required. For production API keys, consider using the Dashboard Vault tab (dashboard.websitepublisher.ai\/vault) instead \u2014 keys are stored directly without passing through the AI conversation."},{"name":"execute_integration","title":"Run Integration Action","description":"Execute an integration action \u2014 e.g., send an email via Resend, create a payment via Mollie. The system resolves vault credentials server-side so you never handle API keys directly. The integration must be configured first via setup_integration (not needed for built-in integrations). Call get_integration_schema first to get the exact endpoint name and required input fields."},{"name":"remove_integration","title":"Remove Integration","description":"Remove an integration by permanently deleting all its vault secrets. After removal, the integration endpoints will no longer work until reconfigured via setup_integration."},{"name":"configure_form","title":"Configure Form","description":"Define or update a form for a published website. Sets required fields and what actions execute on submit. Use action for a single action, or actions (array, max 3) for multiple in sequence. Built-in action (no setup needed): {\\\"type\\\": \\\"leads\\\"} \u2014 stores submissions in platform-native lead capture, retrievable via get_integration_schema on the \"leads\" service. External actions: {\\\"type\\\": \\\"iapi\\\", \\\"service\\\": \\\"resend\\\", ...} for email, or {\\\"type\\\": \\\"webhook\\\", \\\"url\\\": \\\"...\\\"}. The visitor only sends field values \u2014 actions are locked server-side. Use list_integrations to check available external services. IMPORTANT: When generating the JavaScript snippet for the page, always use the Safari ITP-proof pattern: store session_id in sessionStorage and send it as X-Session-Id header on both the session GET and form submit fetch calls. This is required for custom domains (e.g. www.site.com) where Safari blocks third-party cookies."},{"name":"list_forms","title":"List Forms","description":"List all configured forms for a project. Shows form names, required fields, configured actions, and submit limits."},{"name":"remove_form","title":"Remove Form","description":"Remove a form configuration from a project. Visitors will no longer be able to submit this form."},{"name":"set_tracking_scripts","title":"Set Tracking Scripts","description":"Set Google Analytics, Google Tag Manager, Meta Pixel, or other tracking\/conversion scripts for a project. Scripts are automatically injected into every page: head_scripts before <\/head> (for analytics\/GTM), body_scripts before <\/body> (for conversion pixels). Set a field to null or omit it to clear."},{"name":"get_tracking_scripts","title":"Get Tracking Scripts","description":"Get the current tracking scripts configured for a project. Returns head_scripts and body_scripts, or null if none configured."},{"name":"remove_tracking_scripts","title":"Remove Tracking Scripts","description":"Remove all tracking scripts from a project. Pages will no longer have tracking code injected."},{"name":"create_edit_session","title":"Create Visual Edit Session","description":"Creates a visual edit session so the user can upload and manage images on their published page using a browser-based editor. Returns an edit URL to share with the user. When creating pages with images, use data-wpe-slot placeholder images instead of base64 \u2014 then create an edit session so the user can upload real images."},{"name":"get_edit_session_changes","title":"Get Edit Session Changes","description":"Reads back what the user changed during a visual edit session. Returns a structured changelog with uploaded images, dimensions, style changes, etc. Use this after sharing the edit URL with the user to see what they did."},{"name":"create_scheduled_task","title":"Create Scheduled Task","description":"Create a scheduled task that runs automatically at specified times. Supports cron expressions for flexible scheduling. Use run_once=true for one-time scheduled actions (e.g., publish a page at a specific date\/time). Common cron patterns: \"0 9 * * *\" (daily 9am), \"0 9 * * 1\" (Monday 9am), \"0 *\/6 * * *\" (every 6h), \"0 0 1 1 *\" (Jan 1st midnight)."},{"name":"list_scheduled_tasks","title":"List Scheduled Tasks","description":"List all scheduled tasks for a project, showing their status, next run time, and last execution."},{"name":"delete_scheduled_task","title":"Delete Scheduled Task","description":"Delete a scheduled task and all its run history."},{"name":"configure_visitor_auth","title":"Configure Visitor Authentication","description":"Configure visitor authentication for a published website. Enables email-based login (magic link or 6-digit code) for website visitors. Required before visitors can authenticate. Use method \"link\" for one-click email login, \"code\" for a 6-digit verification code."},{"name":"get_visitor_auth_config","title":"Get Visitor Authentication Config","description":"Get the current visitor auth configuration for a project. Shows whether auth is enabled, which methods are allowed, and the success redirect URL."},{"name":"get_analytics","title":"Get Visitor Analytics","description":"Get visitor analytics for a project. Returns pageview counts, unique visitors, top pages, referrers, device breakdown, UTM data, or daily trend. Use period \"today\", \"7d\", \"30d\", or \"90d\"."},{"name":"list_tasks","title":"List Tasks","description":"List all tracked tasks with current completion percentage and status. Returns root tasks only by default (child tasks are hidden \u2014 drill in with parent_id to see them, or set parent_id_null=false for the flat list). Snoozed tasks are hidden by default \u2014 use include_snoozed=true to show them. Tasks without any history have status=null \u2014 use \"null\" in the status filter to find them."},{"name":"get_task","title":"Get Task","description":"Get a single task with computed completion percentage, current status, and available architecture document versions."},{"name":"get_task_history","title":"Get Task History","description":"Get the full history of a task \u2014 all progress updates, notes, snippets, blockers, and architecture documents. Use with_content=true to fetch MD content from S3."},{"name":"create_task","title":"Create Task","description":"Create a new task item in the shared task tracker. Use descriptive slugs like \"sapi-fase4\" or \"capi-intake-redesign\"."},{"name":"add_task_history","title":"Add Task History Entry","description":"Append a history record to a task. This is the primary way to report progress, add notes, store handover snippets, or attach architecture documents. Never overwrites existing state \u2014 fully append-only."},{"name":"export_tasks","title":"Export Tasks Overview","description":"Generate a Markdown overview of all tasks grouped by status (in_progress, blocked, open, null, done) with completion percentages. Tasks without history appear under \"Geen status\". Includes recent activity from today and yesterday. Use this at the start of a session for a quick backlog overview, or to share current status."}],"tool_count":59,"prompts":[],"resources":[],"links":{"documentation":"https:\/\/websitepublisher.ai\/docs\/mcp","dashboard":"https:\/\/dashboard.websitepublisher.ai"}}