Disabling Novamira

A common question: if I disable Novamira for security reasons, do the changes my AI made stop working? The answer depends on where the AI wrote things.

AI-generated code in the Novamira sandbox

If the AI wrote code into Novamira’s sandbox (wp-content/novamira-sandbox/), you can keep the plugin active in production with the AI abilities switched off.

The sandbox will keep loading that code, but no AI agent can reach WordPress anymore. This is the recommended pattern: build with AI on staging, deploy to production with abilities off.

AI abilities are tied to the site URL

AI abilities are bound to the specific site URL, not to the installation itself. So if you develop on staging and push to production, the abilities automatically stay off on the production URL until you explicitly turn them on there.

Migrations don’t carry AI access with them. This is a deliberate safety net: cloning a site never leaks AI connectivity to a new environment.

Direct writes to WordPress

If the AI wrote things directly into WordPress (posts, pages, database rows, theme files, installed plugins, options), those persist regardless of Novamira’s state. Disabling the plugin does not roll back any of those changes.

This is standard WordPress behavior: Novamira is a conduit for changes, not a layer that owns them. Once data is in the database or files are on disk, they belong to WordPress.

What to disable, and when

• Turning off AI abilities (Novamira > Settings) keeps the plugin active but closes the MCP server. Sandbox code keeps loading. Safe for production.
• Deactivating the plugin entirely stops the sandbox from loading too. Any code the AI wrote there will no longer run.
• Uninstalling removes the plugin files. The sandbox directory (wp-content/novamira-sandbox/) is left on disk and must be deleted manually if you want it gone. Database content and changes made directly to WordPress also remain.