Governed ability
Delete user meta
aafm/delete-user-meta Guarded write
Delete an allowlisted meta key from a user the agent can edit. Removes all values of that key. Auth and capability keys can never be touched.
How it is governed
The same model as every ability in the plugin, stated for this one.
- Off until you enable it
Like every ability, Delete user meta ships switched off. You turn it on one at a time, and an update never widens access on its own.
- Guarded write
Writes stay conservative, and the plugin re-checks the capability before the call runs.
- Capability gated
A connection only sees Delete user meta if the user you connected can run it, and the plugin checks that capability again before it executes.
- Every call audited
The call is written to the log in your own database, denials included, with the argument keys but never the values.
- It can delete
This ability can delete. Where WordPress supports it, items go to Trash and can be restored, and the last administrator can never be removed.
See it in action
An illustrative run. Your real calls and data stay on your own site.
Try it with a prompt
Example requests you could paste to your agent.
Remove the temporary_note meta key from user 214.
Delete the old_department field on user 88.
Clear the seasonal_flag custom key from editor Priya so it stops showing.
These are illustrative example prompts. The agent runs them as the user you connected, checked against that user's capabilities and written to your audit log.
Frequently asked
Short answers for Delete user meta.
What exactly gets removed?
An allowlisted meta key on a user the agent can edit, including all values stored under that key. Authentication and capability keys can never be touched, so this cannot strip a user of their role.
Is this a safe operation?
It is a targeted delete of one allowlisted key, guarded by capability and off by default. It is recorded in the audit log, though meta deletion itself is not sent to the Trash, so treat it as a real removal.
Governed by default, from the first call.
Delete user meta is off until you enable it, scoped to the user you connect, and logged like everything else. Turn on only what you need.
Every ability off until you enable it, capability-gated on every call.