Governed ability

Update user

aafm/update-user Guarded write

Edit a user's display name, name, or email by id. Changing a role needs the promote-users capability and never demotes the last administrator.

How it is governed

The same model as every ability in the plugin, stated for this one.

  • Off until you enable it

    Like every ability, Update user ships switched off. You turn it on one at a time, and an update never widens access on its own.

  • Guarded write

    Writes stay conservative, and the plugin re-checks the capability before the call runs.

  • Capability gated

    A connection only sees Update user if the user you connected can run it, and the plugin checks that capability again before it executes.

  • Every call audited

    The call is written to the log in your own database, denials included, with the argument keys but never the values.

See it in action

An illustrative run. Your real calls and data stay on your own site.

agent-abilities · audit Governed
You Update user on this site.
Run Running aafm/update-user
Gate Allowed capability re-checked before running
Audit aafm/update-user · principal: editor · args: user_id
Result Applies the change, then writes the call to the audit log.

Try it with a prompt

Example requests you could paste to your agent.

  1. Update the display name for user 214 to Priya Nair.
  2. Change the email on user 88 to [email protected].
  3. Fix the first and last name fields for editor Priya.

These are illustrative example prompts. The agent runs them as the user you connected, checked against that user's capabilities and written to your audit log.

Frequently asked

Short answers for Update user.

Can this promote a user to a higher role?

Changing a role needs the separate promote-users capability, and the ability will never demote the last administrator. Without that capability it can only edit display name, name, and email.

Whose accounts can it edit?

Only users the connected account can edit. It is capability-gated, off by default, and every change is written to the audit log.

Back to all abilities

Governed by default, from the first call.

Update user is off until you enable it, scoped to the user you connect, and logged like everything else. Turn on only what you need.

Every ability off until you enable it, capability-gated on every call.