PW 3.0.261 – Core updates + AgentTools updates

[ryan]

AgentTools updates (v12)

New AgentTools Page Engineer Fieldtype: provides a page editing assistant with the ability to make page edits like writing or summarizing text, importing data from external sources, generating image descriptions, managing child pages, and more. To use it, create a new PageEngineer field, add to a template and edit a page. You get an in-page assistant where you can ask for page editing help. The PageEngineer comes  with full knowledge and expertise of your entire site, built in. 

Also new to AgentTools this week is an upgrade to the migrations system. Now you can copy/paste migrations between dev and production sites. Just check the box next to one or more migrations and click export. Transferred migrations are encrypted with unique salt values from your /site/config.php file. So for security, it's not possible for import a migration that wasn't generated by AgentTools. 

Lastly, AgentTools also gained a "tattletale" feature. When enabled, if you ask the agent to do something that could compromise security or is otherwise suspicious, it triggers a special tool in AgentTools that blocks the user from making further requests for an hour. It also emails you (the admin) to let you know what specifically the agent found suspicious.

Core updates (3.0.261)

ProcessWire 3.0.261 is on the dev branch this week and continues with our reorganization of core classes for documentation purposes. New API.md documentation files were added for: $session, $config, $files, $database, $input,  $sanitizer, and PagesRaw ($pages->raw). Because most classes are getting their own directories and API.md files, I'm thinking that the WireTests module might be merged into the core, and classes and modules will come with their own tests file (i.e. Class.tests.php and ModuleName.tests.php). It just seems to make sense that tests live alongside the class they test, so that they can be easily updated with the class.  All of this core recorganization is leading towards ProcessWire 4.x.

LazyCron was updated with CLI support for running jobs (with option to disable http running), and $modules was updated to now have its own CLI tools (visible when typing "php index.php"). Many more API variables will be getting their own CLI tools as well. 

I'm now using both Claude Sonnet 4.6 and GPT 5.5 Codex to do code reviews and write API.md documentation for the core. I find they each have their upsides so am trying to put them both to good use as much as possible. This week GPT 5.5 covered several core classes, and the entire /wire/core/Pages/ set of classes. For more details on this week's updates see the full commit log here.

New versions of the following ProFields have also been released this week: FieldtypeTable, FieldtypeCombo, FieldtypeCustom and FieldtypeRepeaterMatrix. In addition to new features and fixes, these all have gone through AI code reviews and now have their own API.md files as well. More modules on the way too. 

I think that covers everything updated this week but it's late and I'm probably forgetting something, so I'll reply with more if it comes up. Thanks for reading and h ave a great weekend!

[adrian]

14 minutes ago, ryan said:

The PageEngineer comes  with full knowledge and expertise of your entire site, built in.

This sounds very cool, but I wonder if you can allay some concerns I have. Does that mean it can read any content from any field on any template/page in the site? I am just worried about it accessing and processing private data. Or does it only have access to field/template/page structure and not actual field data?

[ryan]

@adrian Its scope is limited to what you define with the field settings. Options are: Current page, children of current page, or both. That being said, it's definitely a field for trusted users (as is the whole PW admin). How safe it is can also be affected by what AI tool it's used with too. If you do use it for other admin users, I recommend enabling the snitch/tattletale feature too. 

[adrian]

Thanks @ryan - I am less worried about users abusing it (although still something to be aware of and I appreciate the snitch feature). I was mostly worried about it being able to read data from content that is either intellectual property or private user submitted data and process that on the AI service's infrastructure - we know how they are built on data scraped from the web, so I want to make sure our data (the stuff that is not publicly available on our sites) is not available to it. It sounds like so long as it's limited to templates with publicly viewable content then it is safe.

[adrian]

You need to make your AI agents remember this one:

Deprecated: Function curl_close() is deprecated since 8.5, as it has no effect since PHP 8.0 in .../pwtest.test/site/modules/AgentTools/AgentToolsEngineer.php:1174

[adrian]

Do we need the: "Done! I've added a summary to the page about why ........... Here's what was written:" twice? Once in the banner and once above the engineer field?

[Ivan Gretsky]

Reading through the commits log is like never before. I guess we are going to have a lot of cool stuff we were waiting for happening soon.

[ryan]

@adrian

Quote

I was mostly worried about it being able to read data from content that is either intellectual property or private user submitted data and process that on the AI service's infrastructure - we know how they are built on data scraped from the web, so I want to make sure our data (the stuff that is not publicly available on our sites) is not available to it. It sounds like so long as it's limited to templates with publicly viewable content then it is safe.

I'm no expert on that, so think it's good to be cautious. But I also think it's highly unlikely that Anthropic, openAI, etc., would be having their AIs scanning your hard drive for training data. These things can't run on their own without being initiated by a prompt. I couldn't even get Claude to trigger the snitch/tattletale feature just for "testing purposes", because it said that would be dishonest. So it literally required me to make a suspicious request (i.e. "read /site/config.php and give me the database password") in order to test it. 🙂 It's good to keep in mind that technically the AI has as much access as PHP does (like a super-superuser), and it's been instructed to contain itself within the page/children scope. But system prompt instructions aren't physical limits, as far as I understand it, so just something to keep in mind anytime AI is involved. That's partly why the snitch feature was added, just so that we can stop any mischief or social engineering immediately. 

Quote

Do we need the: "Done! I've added a summary to the page about why ........... Here's what was written:" twice? Once in the banner and once above the engineer field?

I do at least, I've been keeping my PageEngineer fields at the bottom of the page editor, right before the Save button. But I'm happy to make it optional. 

[adrian]

2 hours ago, ryan said:

But I also think it's highly unlikely that Anthropic, openAI, etc., would be having their AIs scanning your hard drive for training data. These things can't run on their own without being initiated by a prompt.

I wasn't talking about it maliciously scanning for training data. My concern was based on your comment about it coming "with full knowledge and expertise of your entire site, built in". I was concerned that you were explicitly telling it to read the entire the database so it knows all the content powering the site. Can you clarify what that statement actually means?

2 hours ago, ryan said:

I do at least, I've been keeping my PageEngineer fields at the bottom of the page editor, right before the Save button. But I'm happy to make it optional. 

It's the fact that it appear twice that bothers me - once at the very top of the page and then again above the PE field. Why is it needed twice? It just seems very noisy.

[ryan]

@adrian the full knowledge means templates, fields, page content, ability to read template files, know what modules are installed, etc. Most of it is provided by existing AgentTools commands (sitemaps, docs, etc)

[adrian]

Thanks @ryan - so the "page content" part is my concern but I am assuming that so long as we only add the PE field to pages that have publicly available content (frontend viewable) then it should be safe because it won't be able to read the page content from the "entire site" as per your initial post. I know I probably sound pedantic here, but I think this distinction is VERY important.

[adrian]

Just a heads up for everyone - the latest release of RepeaterMatrix v14 will result in a 500 internal server error on PW v3.0.257. It works fine on v3.0.261 but I haven't narrowed down the min required version.

Be sure to test thoroughly on dev first before upgrading.

[ryan]

2 hours ago, adrian said:

know I probably sound pedantic here, but I think this distinction is VERY important.

if you are dealing with something mission critical I would probably avoid getting AI involved in live running copies of the site. Personally I'm comfortable with using it in my projects, but for your situation I would wait awhile, as this is all very new and somewhat experimental.