Website Editor
How website execution jobs work — bounded edits, preview flow, approval, and audit trails
How Website Execution Works
The Website Editor uses a canonical execution platform for all connected website work. Whether triggered by an admin operator or handed off from the SEO agent, every change follows the same persisted job record, transport policy, and lifecycle semantics.
No live mutation happens without a bounded, previewed, and approved job. The platform never makes unbounded or wildcard edits to any site.
Transport Modes
Website jobs run through one of two transport modes:
| Mode | Description | Default Approval | Backup |
|---|---|---|---|
wordpress-live | Direct writes to a connected WordPress site | preview_required | Required by default |
github-pr | Commit-first to a working branch, optional PR promotion | preview_required | N/A |
WordPress live edits must declare bounded allowedTargets[]. Wildcards like *, /, all, or site-wide are rejected by policy.
WordPress Live Mode
- Writes go directly to the connected WordPress REST API
- Targets must be explicitly bounded (specific pages, posts, or elements)
riskLevelis mandatory — classify the change explicitly- Backups are required by default
- Previews are generated before execution
GitHub PR Mode
- Commits to a configured working branch (never
mainormaster) - Direct writes to the repo default branch are rejected by policy
- Pull request creation is optional (
createPullRequest: true) - Promotion to
mainis a separate PR step - The connected GitHub connection carries the working branch preference (e.g.,
test)
Job Lifecycle
Every website execution job moves through these states:
| Status | Meaning | Operator Action |
|---|---|---|
draft | Job exists, no preview yet | Safe to edit inputs |
preview_ready | Preview metadata available | Inspect targets and blocked reasons |
queued | Accepted for worker execution | Wait for completion |
running | Worker actively executing | Monitor heartbeats |
review_required | Execution produced a review artifact | Review and approve |
completed | Finished successfully | Check result metadata |
failed | Terminally failed | Check lastError |
cancelled | Intentionally cancelled | No further action |
Preview and Result Artifacts
Preview (Pre-Execution)
Before any change is applied, the system generates a preview artifact containing:
- Summary — what the job plans to do
- Warnings[] — any concerns detected
- BlockedReasons[] — why execution may be blocked
- BackupRef — reference to the pre-change backup
- RequiresBackup — whether a backup was created
- Operations[] — typed list of planned operations
Result (Post-Execution)
After execution, the result artifact includes:
- Summary — what was done
- Status — final execution status
- ErrorMessage — if applicable
- BranchName / CommitSha — for GitHub transport
- PullRequestUrl — if a PR was created
- DestinationUrl — live URL of the changed resource
- BackupRef — for rollback if needed
- Operations[] — typed list of completed operations
Approval Flow
- Operator creates a job — defines objective, targets, and transport
- System generates preview — job moves to
preview_ready - Operator reviews preview — inspects planned operations, warnings, and blocked reasons
- Operator approves — job moves to
queuedfor worker execution - Worker executes — job moves to
running, thencompletedorfailed - If review required — job pauses at
review_requiredfor final sign-off
Never report inline completion when a job is only queued or pending review. The operator must see truthful status at every step.
SEO Agent Handoff
The SEO agent can create website execution jobs when it has resolved executable inputs:
- Blog posts are queued as WordPress drafts (
operation: "write_entity",postType: "post",status: "draft") - Money-page edits go through the same bounded execution contract
- The SEO runtime cannot call WordPress or GitHub mutation helpers directly — it must create a job
If the SEO agent cannot fully resolve a bounded execution payload, it returns a recommendation instead of creating a job. Partial or unbounded edits are never submitted.
Supported SEO Operations
| Source | Job Type | Transport |
|---|---|---|
| Auto-blogger | WordPress draft post | wordpress-live |
| Money-page optimization | Page content update | wordpress-live |
| Elementor smart edits | Widget-scoped edit | wordpress-live |
| Technical SEO fixes | Configuration change | wordpress-live or github-pr |
Bounded Execution
Every job must declare:
- allowedTargets[] — what the job is permitted to modify (cannot be empty or contain wildcards)
- blockedTargets[] — explicit guardrails for sensitive areas
- changeRequest — typed request with
kind,summary, and structuredpayload - objective — human-readable bounded scope for the job
Freeform prompt blobs are not accepted as the executable contract. Every change must be structured and typed.
Activity and Audit Trail
Every lifecycle transition emits a shared website activity record:
| Event | Meaning |
|---|---|
website_execution.job.created | Job persisted for the first time |
website_execution.job.preview_ready | Preview artifact available |
website_execution.job.queued | Job accepted into the queue |
website_execution.job.running | Worker claimed the lease |
website_execution.job.review_required | Review artifact ready |
website_execution.job.completed | Execution succeeded |
website_execution.job.failed | Execution failed |
website_execution.job.cancelled | Job was cancelled |
wordpress.entity.write | WordPress entity created or updated |
wordpress.taxonomy.assign | WordPress taxonomy mutation |
wordpress.elementor.plan | Elementor smart plan emitted |
wordpress.elementor.apply | Elementor smart apply completed |
github.change_set.applied | GitHub branch change set committed |
github.pull_request.created | Pull request opened |
Activity status values follow the shared four-level contract: info, success, warning, error.
Managing Jobs
Via Admin UI
- Navigate to the client's website section
- Review pending jobs in the execution queue
- Inspect preview artifacts before approving
- Approve or reject queued jobs
- Monitor running jobs via heartbeat status
Via API
# List jobs for a client
GET /admin/website-execution/jobs?clientId=CLIENT_ID
# Get job detail with preview
GET /admin/website-execution/jobs/JOB_ID
# Approve and queue a previewed job
POST /admin/website-execution/jobs/JOB_ID/approve
# Cancel a queued or running job
POST /admin/website-execution/jobs/JOB_ID/cancel
Troubleshooting
| Issue | Resolution |
|---|---|
Job stuck in queued | Worker may not be running — check heartbeat status |
allowedTargets rejected | Remove wildcards and specify exact targets |
| Preview shows blocked reasons | Address the listed blockers before approving |
| WordPress write fails | Verify REST API credentials and permissions |
| GitHub push rejected | Confirm working branch exists and token has write access |
| Backup not created | Check backupRequired is true and backup storage is configured |
