WordPress.org
Get WordPress
WordPress.org

Plugin Directory

Tactical — AI Agent Detection for WooCommerce

Tactical — AI Agent Detection for WooCommerce

By sourabhnk
Download

Description

AI shopping agents from ChatGPT, Perplexity, Claude, and Google AI visit your storefront every day — browsing products, comparing prices, deciding what to recommend. They’re invisible to standard analytics.

This plugin connects your WooCommerce store to Tactical, a third-party agent-traffic intelligence service operated at https://tactical-app.work. The plugin handles install, snippet injection, and WooCommerce webhook registration; the dashboard, alerts, and reporting live in your Tactical account on tactical-app.work.

What you get:

  • Agent Traffic Monitor — real-time counts of agent visits broken down by agent type, day, and product
  • Intent Signals — score every session by browse vs. buy intent; compare agent vs. human conversion
  • Competitive Exposure (paid plans) — see which competitors are sending agents to check your prices

Why agent traffic matters now:

Standard analytics filter agent traffic out as “bot noise”. As of Q2 2026, AI agents make up an estimated 8–12% of e-commerce site visits — and that share is growing month over month. The merchants who see this traffic are the ones positioned to capture the buyers it represents.

Tactical pricing — managed at tactical-app.work:

Tactical is a tiered SaaS product. The plugin works on every tier, including the free one.

  • Scout — $0/mo (free forever) — Tactical’s free tier. 100 agent sessions/week, top 3 agent types, weekly intelligence brief. No credit card.
  • Radar — $39/mo — 90-day history, all agent types, intent signals, product interest map (10,000 sessions/mo)
  • Command — $129/mo — competitive exposure, revenue leakage estimates, custom competitor tracking, unlimited products (50,000 sessions/mo)

Annual plans save ~25%.

Multi-platform:

This plugin is for WooCommerce. The same Tactical account also works on Shopify (via the Shopify App Store) and on any custom storefront (via JS snippet at tactical-app.work).

External services

This plugin connects to Tactical at https://tactical-app.work — a third-party agent-traffic intelligence service operated by the plugin author. The plugin requires an active Tactical account (free Scout tier is sufficient) to function. Without an API key configured on the settings page, no requests are made.

Endpoints used:

  • Snippet ingesthttps://tactical-app.work/api/ingest. The detection script (https://tactical-app.work/snippet.js) loads on every storefront page view and posts an event payload containing: an anonymised session ID, page URL (path + query string only), referrer domain, user-agent string, scroll/mouse/timing heuristics, and your store’s API key. No customer PII (no names, emails, IP addresses, payment data, or form contents) is sent.
  • Connection verificationhttps://tactical-app.work/api/verify-connection. Triggered only when an admin clicks “Verify connection” on the settings page. Sends only your API key (in a request header) so Tactical can confirm the key belongs to this store. No event data.
  • WooCommerce webhookshttps://tactical-app.work/api/wc-webhook/<topic>. On plugin activation, three webhook subscriptions are registered with WooCommerce (order.created, order.updated, product.created, product.updated). WooCommerce delivers these payloads directly to Tactical with WC’s standard HMAC signature when matching events occur on your store. Payload contents are WooCommerce’s standard webhook bodies (order or product objects).

Conditions: events are only sent after you paste a valid API key on the settings page. Without a key, the snippet does not load, no requests are made, and no webhooks are registered.

Service terms:

  • Tactical Privacy Policy: https://tactical-app.work/privacy
  • Tactical Terms of Service: https://tactical-app.work/terms

Installation

  1. Upload the tactical-agent-detection folder to /wp-content/plugins/, or install via the Plugins Add New screen.
  2. Activate the plugin. (WooCommerce must be installed and active first; this plugin declares it as a required dependency.)
  3. Sign up at https://tactical-app.work and copy your API key from the dashboard.
  4. Go to Settings Tactical and paste the API key.
  5. Click “Verify connection” — you should see a green checkmark.
  6. Open your storefront — Tactical starts classifying agent traffic immediately.

The plugin auto-registers WooCommerce webhooks for order.created, order.updated, product.created, and product.updated so order and catalog activity is correlated with agent sessions.

FAQ

Do I need a Tactical account to use this plugin?

Yes — sign up free at tactical-app.work. The free Scout tier is 100 agent sessions per week with no credit card.

What data does the plugin collect?

Anonymised session metadata only: user-agent, page URL, referrer, scroll/mouse heuristics, and product context. No PII, no IP addresses, no cart contents, no customer identifiers.

How is agent traffic detected?

Tactical’s edge classifier uses user-agent patterns, IP-derived signals (datacenter flag, country — the IP itself is not stored), request behaviour, and known agent fingerprints to identify ChatGPT, Perplexity, Claude, Google AI, and other AI agents in real time.

Will this slow down my site?

No. The script loads asynchronously with the defer attribute and weighs under 5 KB. Classification happens at Tactical’s edge, off your origin.

How do I cancel?

Cancel from the Tactical dashboard’s billing page at tactical-app.work. The plugin keeps working on the free Scout tier after cancellation.

Where’s my data stored?

In Tactical’s Postgres database (US/EU regions). Aggregated and purged on a 90-day rolling window.

Is this GDPR-compliant?

Tactical processes data under the legitimate-interest legal basis. We don’t store PII or browser fingerprints, and merchants can request data deletion at any time from the dashboard or by emailing hello@tactical-app.work. A Data Processing Addendum is available on request.

Reviews

There are no reviews for this plugin.

Contributors & Developers

“Tactical — AI Agent Detection for WooCommerce” is open source software. The following people have contributed to this plugin.

Contributors

Translate “Tactical — AI Agent Detection for WooCommerce” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.0.2

  • Security: removed the data-key attribute from the storefront <script> tag. The Tactical API key is a server-side secret used to sign WooCommerce webhook deliveries and authenticate plugin-to-server API calls — it must not appear in browser-rendered HTML. The snippet identifies the tenant by data-shop plus the request Origin, so no key is required client-side. Recommended upgrade for all installs.

1.0.1

  • Compliance: storefront snippet now loads via wp_enqueue_script with the defer strategy, decorated via the script_loader_tag filter. No more inline <script> injection.
  • Compliance: settings-page admin JS extracted to assets/admin-settings.js, enqueued via wp_enqueue_script + wp_localize_script. No more inline <script> in the admin page.
  • Compliance: declared Requires Plugins: woocommerce so WP correctly blocks activation without WooCommerce.
  • Readme: added the “External services” disclosure, clarified Scout/Tactical naming in the pricing section, updated Contributors.
  • Bumped Requires at least to WP 6.3 (needed for wp_enqueue_script defer/async strategy).

1.0.0

  • Initial release.
  • Snippet injection on the storefront when an API key is configured.
  • Settings page with API key, store domain, and “Verify connection” button.
  • Auto-registration of WooCommerce webhooks for order and product topics.
  • Uninstall removes options + Tactical-managed webhooks.

Meta

Ratings

No reviews have been submitted yet.

Your review

See all reviews

Contributors

Support

Got something to say? Need help?

View support forum