Problem
The agent cannot send administrator emails through a controlled tool path, blocking key automations (alerts/reports).
Implementation Plan
1) New ability
Add email_send_admin built-in ability in includes/abilities/. To keep this safe and prevent spamming, this will only allow emails to be sent to the main admin of the WordPress site.
2) Input schema
subject (required, sanitized, max length)message (required)
3) Execution behavior
- Use
wp_mail() only.
- Recipient is always set from
get_option( 'admin_email' ).
4) Policy + confirmation
- Add runtime policy flag (e.g.
allow_email_send) in Policy_Helper.
- For safety, require confirmation token for non-heartbeat triggers OR apply explicit policy for trigger types.
- Emit action/event logs with requesting and execution user IDs.
5) Output schema
Return:
sent booleantosubject- optional
error code/message.
Acceptance Criteria
- Agent can send email to admin via a single ability call.
- Policy can disable email sends by trigger profile.
- Events/logging include email send attempts and outcomes.
Test Plan
- Unit tests:
- successful send path,
- invalid recipient,
- blocked by policy,
- confirmation-required path.
- Ensure no secret leakage in logs.
Out of Scope
- Attachments in v1.
- Rich templating engine.
Problem
The agent cannot send administrator emails through a controlled tool path, blocking key automations (alerts/reports).
Implementation Plan
1) New ability
Add
email_send_adminbuilt-in ability inincludes/abilities/. To keep this safe and prevent spamming, this will only allow emails to be sent to the main admin of the WordPress site.2) Input schema
subject(required, sanitized, max length)message(required)3) Execution behavior
wp_mail()only.get_option( 'admin_email' ).4) Policy + confirmation
allow_email_send) inPolicy_Helper.5) Output schema
Return:
sentbooleantosubjecterrorcode/message.Acceptance Criteria
Test Plan
Out of Scope