A non-technical website owner connects their live WordPress site and makes changes in plain English — “change my phone number,” “make the top bar navy,” “add a testimonials section.” An AI agent proposes every change draft-first with a before/after and a live preview. One click to Approve & publish. Everything is reversible, and it never fakes going live.
Most small-business owners are stuck: every tiny website edit means emailing a developer, waiting days, and paying for it. SiteSitter puts a calm, honest AI editor in front of their real site — so they can just ask.
SiteSitter is a plugin on the owner’s site, a backend “brain,” and a dashboard. They talk to each other over a cryptographically signed channel, so no one can spoof a change.
Installed on the owner’s WordPress site. It sends a snapshot (pages, text, header/footer templates, menus, links, styles) and applies approved changes draft-first — nothing public until approved, pulled via WP-cron. Has a simple Connect screen (backend URL + connect code).
Runs the AI agent, stores everything in SQLite (sites, sessions, users, connect tokens, instructions, audit), handles auth, mints connect codes, and runs the honest apply loop (only says “it’s live” when truly applied). Needs SQLite + headless Chrome + a cron, so it runs on a real host, not the edge.
The owner’s dashboard and chat UI: sign up / log in, add a website, the connect wizard, make-a-change chat, before/after + approve, changes history + undo, AI recommendations, health, security, settings, and billing.
From sign-up to “Connected!” — the owner never touches a server URL. They paste one code and the site links itself to their account automatically.
The owner signs up in the portal using a passwordless magic link. No passwords to remember or leak.
They click “Add a website,” enter their site’s address, and the portal mints a one-time connect code. The owner never sees a server URL.
They install the SiteSitter plugin (upload zip → Activate), then paste the connect code on the plugin’s Connect screen.
The plugin exchanges the code with the backend (/api/v1/enroll/exchange) → the site enrolls and links to the owner’s account → the portal’s status card flips to “Connected!” on its own.
All requests are Ed25519-signed. The site pulls approved changes via WP-cron, applies them draft-first, then reports the honest result.
The agent figures out what and where, proposes it draft-first, and only publishes after the owner approves. If something is genuinely ambiguous, it asks exactly one question.
“Make the top bar navy” or “add a testimonials section.”
Uses its tools to locate the exact text, element, style, or link.
Before/after diff + live preview. Nothing is live yet.
One interactive pop-up (radio / checkbox / confirm) only if truly ambiguous.
Plugin applies it live and purges caches so it shows on reload.
Truthful “it’s live” confirmation, with one-click undo.
The core product is proven end-to-end. Below is what actually works today, grouped by area.
Kept deliberately honest. The single biggest gap is reliable production hosting — everything else is scoped and prioritized.
With DNS access → a stable named tunnel on the owner’s own domain.
Deploy fully to Cloudflare (Pages + Containers) — laptop-free.
Right now dev-mode shows the magic link on-screen. Launch needs a real email service to actually send login emails.
SiteSitter is reachable today through a stable Cloudflare Worker proxy. Both the backend and the portal are served through it.