Connect WordPress to the PillarShield SaaS API and enforce governance checks at publish time.
| Author: | pteglia (profile at wordpress.org) |
| WordPress version required: | 6.0 |
| WordPress version tested: | 6.9.4 |
| Plugin version: | 0.1.0 |
| Added to WordPress repository: | 28-03-2026 |
| Last updated: | 28-03-2026 |
| Rating, %: | 0 |
| Rated by: | 0 |
| Plugin URI: | |
| Total downloads: | 29 |
 Click to start download |
|
PillarShield integrates WordPress with the PillarShield SaaS governance API. It runs checks at the publish boundary, blocks non‑compliant content, allows optional overrides, and keeps a governance record per post for reporting. You must obtain a PillarShield API key from https://pillarshield.co for the plugin to function.
Key features:
- Gate governance checks on publish/private statuses (configurable per post type).
- Optional manual checks that never block saves.
- Override workflow for privileged users.
- Governance reporting under Tools PillarShield (blocked-at-gate items only).
- Safe storage of outcomes without raw content.
Configuration
Settings PillarShield:
- API Endpoint: The PillarShield governance endpoint.
- API Key: Your tenant API key (
psk_...).- Get a key at https://pillarshield.co. The plugin does not perform governance checks without a valid API key.
- You can also define
PILLARSHIELD_API_KEYinwp-config.phpto override the stored option:
define(‘PILLARSHIELD_API_KEY’, ‘psk_…’);
- Enable Governance: Turn checks on/off.
- Allow Save Without API: Allow publishing if the API is unavailable.
- Enabled Post Types: Which post types are governed.
- Fields per Post Type: Comma‑separated fields to scan. Supports
meta:KEY. - Gate Configuration:
- Gated statuses (default: publish + private)
- Fallback status (default: draft)
Use the Test Connection button to validate API access.
Editor UX
On governed post types, a PillarShield meta box appears with:
- Check PillarShield governance on this save (manual check)
- Override PillarShield governance (save anyway)
These checkboxes do not persist — they only apply to the current save.
Permissions (Roles/Capabilities)
PillarShield adds these capabilities:
pillarshield_manage_settings— manage settings pagepillarshield_view_reports— view reportspillarshield_manual_check— run manual checkpillarshield_override_governance— override violations
On activation, these are granted to Administrators only.
Override visibility requirement:
The Override checkbox only appears for users who have the pillarshield_override_governance capability. Editors will not see it unless you explicitly grant that capability via a role editor plugin or custom code.
Reporting
Tools PillarShield:
- Overview of content currently blocked at the gate.
- Details page per post with block reason and metadata.
External services
This plugin connects to the PillarShield governance API to evaluate post content for compliance before publishing.
Service: PillarShield SaaS governance API, operated by PillarShield.
Endpoint: https://api.pillarshield.co/pillarshield-governance/governance
What is sent and when:
When a user saves a post to a gated status (by default: publish or private) on a governed post type, or manually triggers a governance check, the plugin sends a POST request containing:
- The post’s configured content fields (by default: title, body, and excerpt)
- Post metadata: post type, post ID, post UUID, post URL, and target publish status
- WordPress user context: user ID and roles (no email or username is transmitted)
- The tenant API key
No data is sent during autosaves, revisions, or saves to non-gated statuses. The plugin requires a valid API key obtained from https://pillarshield.co to function.
Support
Support and documentation: https://pillarshield.co.
FAQ
ChangeLog