← all builds
● liveLive since May 2026 — one post per week, 8 published May 17 to July 6, 2026

The blog that writes and publishes itself: a weekly Claude to WordPress pipeline

A scheduled GitHub Action writes one cited, compliance-aware post a week with Claude and publishes it straight to WordPress. Eight posts have gone out this way, hands-off.

humbearmedia.com/blog

## the problem

Every agency knows it should blog consistently, and almost none do. The post that never gets written is the one that would have ranked. I wanted a blog that keeps publishing whether or not I have a free afternoon.

The catch is the vertical. Humbear Media markets addiction-treatment and behavioral-health providers, which means LegitScript, HIPAA, and 42 CFR Part 2 are all in play. Generic AI content is a liability here: an outcome guarantee, a fabricated statistic, or a made-up citation is not just bad writing, it is a compliance problem. So automating the blog was only acceptable if the automation was more careful than a rushed human would be, not less.

I also wanted the content to earn citations from AI answer engines, not just Google. That means structure — short extractable answers, question-style headings, real sources — baked into every post rather than bolted on.

## what I built

A self-publishing blog pipeline that lives in a GitHub repo. A scheduled GitHub Action runs every Monday, calls the Anthropic API to write a full post, publishes it live to humbearmedia.com through the WordPress REST API, and commits a Markdown copy of the post back to the repo as a record. No human is in the loop for the happy path, but every publish sends me a notification email so I can spot-check.

The generator is a single Node script. It reads a rotating list of 30 treatment-center marketing topics, feeds Claude the last dozen titles so it does not repeat itself, and forces the model to answer through a submit_post tool call so the output is guaranteed-shape JSON — title, slug, meta description, HTML body, and a structured FAQ — instead of free text I would have to parse.

Every post is written to be both ranked and quoted: a self-contained short-answer lead, question-style headings, an FAQ section, and FAQPage JSON-LD injected into the published HTML for rich-result eligibility. The compliance and citation rules are not suggestions in the prompt, they are hard constraints, and the script also strips any script or style tags and protects internal links from accidental nofollow before anything goes live.

## how Claude was actually used

  1. 01

    Claude Code built the whole pipeline

    The repo — the generator script, the GitHub Action, the topic list, the record-keeping — was built with Claude Code. It is a small, boring, reliable system on purpose: one script, one workflow file, a topics file, and a posts folder.

  2. 02

    A forced tool call for guaranteed structure

    The script calls the Anthropic API with tool_choice set to a single submit_post tool, so Claude must return a title, slug, 120-155 character meta description, semantic-HTML body, and a 4-6 item FAQ array. The pipeline never has to parse prose, and the FAQ array is reused to emit FAQPage structured data. The model is configurable via an env var and defaults to a Claude Sonnet model.

  3. 03

    Citations required, fabrication forbidden

    The system prompt makes one rule load-bearing: every factual, statistical, or regulatory claim needs an inline link to a real, authoritative source — HHS and the Office for Civil Rights, SAMHSA, NIH and NIDA, CDC, LegitScript, official Google and Meta ad-policy pages, Joint Commission, CARF, ASAM — and the post ends with a Sources list. The model is told never to invent URLs, studies, or statistics; anything it cannot back becomes qualitative or gets dropped. This is the same standard the rest of my content follows.

  4. 04

    Compliance guardrails for a regulated vertical

    The prompt forbids outcome guarantees, superlatives, PHI, and testimonials, and frames regulatory topics as general information rather than legal advice. The generator is writing in a space where the wrong sentence is a real risk, so those constraints ship with every post.

  5. 05

    Publishing around a platform limitation

    The site runs on WordPress.com/Atomic, which disables the built-in Application Passwords feature, so the usual REST auth does not work. The fix was a token-authenticated custom route defined by a Code Snippet on the WordPress side; the Action posts to it with a shared token stored as a GitHub Actions secret. Not elegant, but it is the honest workaround the host forced.

## stack

Claude CodeClaude API (@anthropic-ai/sdk pattern via fetch)Claude Sonnet (default model, configurable)Node.js 20GitHub Actions (weekly cron)WordPress REST API (token-authenticated custom route)WordPress.com / AtomicFAQPage JSON-LDmarkdownlint-cli2

## results (the verifiable kind)

  • Live and publishing to humbearmedia.com/blog, one post per week on a Monday 15:00 UTC GitHub Actions schedule, with a manual run-workflow option.
  • Eight posts generated and published this way between May 17 and July 6, 2026, each committed back to the repo with its WordPress post ID and live URL recorded in the frontmatter.
  • Structured output via a forced submit_post tool call, so the pipeline never parses free text; a FAQPage JSON-LD block is emitted into every published post.
  • A citation guardrail that requires a real authoritative source for every factual or regulatory claim and forbids fabricated URLs, studies, or statistics, with a Sources list closing each post.
  • Compliance guardrails for the regulated vertical: no outcome guarantees, no superlatives, no PHI, no testimonials, and regulatory topics framed as general information.
  • A rotating 30-topic list plus recent-title feedback so the generator does not repeat angles it has already covered.

## what I learned

  • Auto-publishing AI content is only responsible with the guardrails turned up, not down. The never-fabricate-a-citation rule and the compliance constraints are what make hands-off publishing acceptable in a regulated space — and a notification email still lets me catch anything that reads wrong.
  • Forcing a tool call beats asking nicely for JSON. The output shape is guaranteed before the publisher ever sees it, which is what lets the rest of the pipeline stay dumb and reliable.
  • Host limitations shape the architecture. WordPress.com/Atomic disabling Application Passwords is why publishing goes through a token route instead of standard REST auth; rotating that token means updating it in two places, the repo secret and the WordPress snippet.
  • Structure is the SEO. Writing every post as an extractable short answer with question headings and an FAQ is what makes it eligible to be quoted by answer engines, not an afterthought you add later.

$ follow --the-build

Watch it happen, don't take my word for it

Every build on this site gets documented as it happens — the prompts, the dead ends, the results. No course at the end of this funnel. There is no funnel.

follow on x →