Shopify Dev MCP vs WooCommerce
Shopify and WooCommerce are the two ecommerce platforms most builders compare, and their official MCP servers reflect two different ways to put an agent to work. Shopify's Dev MCP is a developer-grounding server: it never touches a live store, instead connecting the agent to Shopify's developer resources — the Admin GraphQL API, Functions, Storefront, Liquid themes, Hydrogen, Polaris — so generated code is correct against current APIs, with tools to learn the API surface, search docs, and validate GraphQL, theme files, and components against the real schema. WooCommerce's official server is an operations server: built on the WordPress MCP architecture, it lets an agent run real store operations — query, create, update, and delete products, query orders by status or customer, update order status, and add notes — through schemas and permission callbacks that respect the store's roles. So the headline difference is build-time correctness versus run-time control. Here is how the two compare.
How they compare
| Dimension | Shopify Dev MCP | WooCommerce |
|---|---|---|
| What it does | Grounds development: loads up-to-date Shopify API context, searches shopify.dev docs, and validates generated GraphQL, themes, and components so the model doesn't ship hallucinated fields. It does not operate a store. | Operates the store: queries and mutates products and orders, updates order status with an optional note, and adds order notes — real data changes within the store's roles. |
| Surfaces covered | Admin GraphQL API, Functions, Storefront, Liquid themes, Hydrogen, and Polaris components, threaded through a conversation ID returned by learn_shopify_api. | The canonical WooCommerce abilities introduced in WooCommerce 10.9: product CRUD with filtering and sorting, order querying, order-status updates, and order notes. |
| Credentials and risk | No authentication or store credentials required, which makes it safe to add to any project — it reads docs and validates code, nothing more. | Authenticates with WooCommerce REST API keys (consumer_key:consumer_secret) in an X-MCP-API-Key header with read, write, or read/write scope — real mutations, so scope the key. |
| Deployment | Local stdio via npx (@shopify/dev-mcp); optional env vars enable extra surfaces like Storefront web components and tune theme validation. | A local proxy (npx @automattic/mcp-wordpress-remote) translates stdio into calls to your store's MCP endpoint at /wp-json/woocommerce/mcp; enabled behind a feature flag and currently a developer preview. |
| Best-fit task | Building a Shopify app or theme with an agent and keeping its code correct against the live API schema before you deploy. | Running an existing WooCommerce store conversationally — managing the catalog and processing orders without opening WP admin. |
Verdict
These servers answer different questions, so the choice often comes down to which platform you run and whether you need build-time or run-time help. Shopify's Dev MCP is the pick when you are writing code for the Shopify platform and want an agent that stays accurate against the Admin GraphQL API, themes, and components — it touches no store data and needs no credentials, so it is safe to add anywhere. WooCommerce's server is the pick when you run a WooCommerce store and want the agent to actually manage products and process orders, with REST keys scoped to read, write, or both. If you build for Shopify, the Dev MCP keeps your code honest; if you operate on WooCommerce, its server gives the agent real hands. Note the WooCommerce integration is still a developer preview, so expect its API to evolve.
FAQ
- Can Shopify's Dev MCP manage a live store?
- No. It is a developer-grounding server that loads API context, searches docs, and validates code — it never connects to or mutates a live Shopify store. For store operations you would use Shopify's Admin API directly.
- Is the WooCommerce server production-ready?
- It is currently a developer preview, enabled behind a feature flag in WooCommerce settings, so its APIs may evolve as it moves toward general availability. Its write, update, and delete tools are real, so scope the REST key carefully.