GoldenRetriever AI Chat

Description

GoldenRetriever AI Chat turns your WordPress site into a 24/7 AI chatbot — an advisor that talks like you and answers visitor questions grounded in your own content. Drop a chat widget on any page, or flip on the site-wide floating bubble. Your visitors get answers about your products, policies and posts in seconds — no live-chat staffing, no monthly SaaS fees, no third-party service holding your conversation history. You pay your AI provider directly for the tokens you use; the plugin adds no per-message charge of its own.

You bring your own Anthropic API key for Claude. The plugin sends your visitors’ messages and a system prompt grounded in your site content directly to Anthropic — never to a SaaS vendor in the middle. Conversations are rate-limited, capability-gated and origin-checked at the REST layer; the API key is encrypted at rest with AES-256-GCM tied to your WordPress salts.

Built for non-technical site owners. Five-minute setup from “install” to “ask my first question.” Native WordPress UI, Gutenberg block, classic shortcode, sensible defaults for every option, and a built-in Test Chat panel so you can sanity-check the advisor before any visitor sees it.

Features in this free release

• Streaming Claude chat — Server-Sent Events flow tokens to the visitor as Claude generates them.
• Encrypted BYO API key — Your Anthropic key is encrypted with AES-256-GCM at rest, tied to your WordPress salts. Only the last four characters are ever shown in the UI; the plaintext is never echoed back.
• Three placements — site-wide floating bubble, Gutenberg GoldenRetriever AI Chat block, or [grchat_chat] shortcode; inherits your theme’s colours and fonts automatically.
• Theme-inheriting widget — picks up --wp--preset--color--primary and your body font where the theme exposes them; falls back to a neutral palette.
• Rendered, chunked FULLTEXT content index — posts and pages are rendered through the_content so shortcodes and page-builder output become searchable text, then chunked into a MySQL FULLTEXT index.
• Incremental updates on save — the index updates automatically when you publish or update a post; no manual re-index needed for routine changes.
• Resumable “Reindex all content” job — a one-click full reindex with a live progress bar; safe to stop and restart at any time.
• URL and file knowledge sources — administrators can add a public URL (SSRF-guarded via wp_safe_remote_get()) or upload .txt / .md files to extend the knowledge base.
• Configurable maximum response length — cap token usage per reply to control cost.
• Signed-token + rate-limited public chat endpoint — the anonymous front-end chat endpoint is protected by a short-lived signed request token; per-IP and global rate limits (both filterable) stop abusive traffic.
• Advanced prompt editing with reset — edit the system prompt in the admin, inject important links (booking URL, contact page, support email) automatically into every conversation, and reset to the shipped default with one click.
• Important links injection — the advisor automatically weaves your booking URL, contact page, and support email address into answers; no manual prompt editing required.
• Email me this chat — visitors can email themselves the conversation transcript from inside the widget. Consent-aware: the visitor’s email is stored in your site’s own database only when they opt in (not sent to any external service). Administrators can view captured leads in wp-admin, export them as a CSV from the Leads tab, and the table is fully covered by WordPress’s built-in privacy exporter and personal-data eraser tools.
• Leads tab — paginated list of visitors who opted in to receive their transcript, with CSV export and injection-safe column handling. Pro routes leads to your inbox or CRM with full conversation context.
• Bug report — the Support tab lets you send a pre-filled diagnostics report to the support team via your own email client (mailto), with recent log entries attached. No data leaves your server until you click Send in your email app.
• Refer a friend — one-click referral link from the Support tab (draft copy shipped; final wording is a pending decision).
• Optional “Get your own” widget link — a small, configurable attribution link in the widget footer that drives word-of-mouth. Toggle it off from the Appearance tab.
• Full uninstall cleanup — removing the plugin drops all plugin-created tables and options; no orphaned data.

How it works in three steps

1. Install the plugin and activate it. WordPress redirects you straight to the Settings tab on first run.
2. Paste your Anthropic API key, pick a Claude model (Sonnet, Opus or Haiku), and save. The key is encrypted before it hits the database.
3. Decide where the chat lives — flip Floating widget on for site-wide, or drop the [grchat_chat] shortcode / GoldenRetriever AI Chat block on any page.

What’s coming in GoldenRetriever AI Chat Pro

The free version is the chat surface. Pro adds OpenAI and Gemini providers, multi-persona advisors, PDF/DOCX/CSV file knowledge with embeddings retrieval, lead routing to your inbox/CRM with full conversation context, and white-labelling — all as a separate plugin you install alongside the free version. No data migration, no breakage. Voice conversations are on the longer-term roadmap as a future Pro+ release.

External services

This plugin connects to third-party services that you configure and pay for
directly with your own API keys. It includes no central service operated by us.

1. Your chosen AI provider (Anthropic Claude — api.anthropic.com).
   When a visitor sends a chat message, the plugin sends the conversation and
   the relevant excerpts of your site content to the AI provider you configured,
   using the API key you entered, and streams the reply back. This happens only
   on an explicit chat action. Data sent: the visitor’s messages and the matched
   site-content excerpts. Anthropic terms: https://www.anthropic.com/legal/commercial-terms
   — privacy: https://www.anthropic.com/legal/privacy

2. Administrator-added knowledge-source URLs (your server → the URL you enter).
   When a site administrator adds a URL as a knowledge source on the Knowledge
   tab, the plugin fetches that URL directly from your server (using WordPress’s
   built-in wp_safe_remote_get(), which blocks private/internal addresses). The
   request goes from your server to the public URL you entered; no data is sent
   to any third party in the process. Only administrators (manage_options) can
   add or refresh sources.

3. “Email me this chat” lead capture (your site’s database only).
   When a visitor opts in to receive a transcript of their chat conversation
   by email, the plugin stores their email address in your site’s own
   database (table wp_grchat_leads). No data is sent to us or any third
   party. The transcript email is sent via your site’s own wp_mail() function,
   using your server’s configured mail transport. The visitor’s email address
   is stored only with their explicit consent, and only on your own server.

Apart from the administrator-initiated knowledge-source fetch above, the only
outbound HTTP calls are to your chosen AI provider, and only on explicit user
action. The plugin does not use embeddings (Anthropic provides no embeddings
API); semantic/embeddings retrieval is a separate Pro feature, not in this
free plugin.