🎉 Use coupon MYXERO to enjoy 20% recurring discount on any plan. View Pricing
XeroWP
P

PillarShield

0/5 (0 ratings) — active installs Updated Mar 28, 2026
compliancegovernancemoderationpublishing
Download v0.1.0

PillarShield integrates WordPress with the PillarShield SaaS governance API. It runs checks at the publish boundary, blocks non‑compliant content, allows optional overrides, and keeps a governance record per post for reporting. You must obtain a PillarShield API key from https://pillarshield.co for the plugin to function.

Key features:

  • Gate governance checks on publish/private statuses (configurable per post type).
  • Optional manual checks that never block saves.
  • Override workflow for privileged users.
  • Governance reporting under Tools PillarShield (blocked-at-gate items only).
  • Safe storage of outcomes without raw content.

Configuration

Settings PillarShield:

  • API Endpoint: The PillarShield governance endpoint.
  • API Key: Your tenant API key (psk_...).
    • Get a key at https://pillarshield.co. The plugin does not perform governance checks without a valid API key.
    • You can also define PILLARSHIELD_API_KEY in wp-config.php to override the stored option:
      define(‘PILLARSHIELD_API_KEY’, ‘psk_…’);
  • Enable Governance: Turn checks on/off.
  • Allow Save Without API: Allow publishing if the API is unavailable.
  • Enabled Post Types: Which post types are governed.
  • Fields per Post Type: Comma‑separated fields to scan. Supports meta:KEY.
  • Gate Configuration:
    • Gated statuses (default: publish + private)
    • Fallback status (default: draft)

Use the Test Connection button to validate API access.

Editor UX

On governed post types, a PillarShield meta box appears with:

  • Check PillarShield governance on this save (manual check)
  • Override PillarShield governance (save anyway)

These checkboxes do not persist — they only apply to the current save.

Permissions (Roles/Capabilities)

PillarShield adds these capabilities:

  • pillarshield_manage_settings — manage settings page
  • pillarshield_view_reports — view reports
  • pillarshield_manual_check — run manual check
  • pillarshield_override_governance — override violations

On activation, these are granted to Administrators only.

Override visibility requirement:
The Override checkbox only appears for users who have the pillarshield_override_governance capability. Editors will not see it unless you explicitly grant that capability via a role editor plugin or custom code.

Reporting

Tools PillarShield:

  • Overview of content currently blocked at the gate.
  • Details page per post with block reason and metadata.

External services

This plugin connects to the PillarShield governance API to evaluate post content for compliance before publishing.

Service: PillarShield SaaS governance API, operated by PillarShield.
Endpoint: https://api.pillarshield.co/pillarshield-governance/governance

What is sent and when:
When a user saves a post to a gated status (by default: publish or private) on a governed post type, or manually triggers a governance check, the plugin sends a POST request containing:

  • The post’s configured content fields (by default: title, body, and excerpt)
  • Post metadata: post type, post ID, post UUID, post URL, and target publish status
  • WordPress user context: user ID and roles (no email or username is transmitted)
  • The tenant API key

No data is sent during autosaves, revisions, or saves to non-gated statuses. The plugin requires a valid API key obtained from https://pillarshield.co to function.

Support

Support and documentation: https://pillarshield.co.