SDX AI Readiness Toolkit for WooCommerce

Description

SDX AI Readiness Toolkit makes any WooCommerce store auto-discoverable, readable, and purchasable by AI shopping agents — ChatGPT plugins, Perplexity Shopping, Google’s commerce AI, custom Claude tools, and any agent that speaks the open protocols of the agentic commerce ecosystem.

Why this matters

In 2026 Google launched the Universal Commerce Protocol (UCP) with Shopify, Walmart, Target, Wayfair, and Etsy. WooCommerce was absent. This plugin closes that gap.

What this plugin does

  • UCP discovery at /.well-known/ucp — agents auto-find your store
  • MCP server at /wp-json/agtc/v1/mcp — JWT-authenticated tools for product listing, search, and order lookup
  • ACP checkout at /wp-json/agtc/v1/acp/checkouts — agentic checkout sessions with Stripe payment_intent support
  • OAuth 2.0 server — dynamic client registration + client_credentials grant
  • WC native ACP coexistence — auto-detects WooCommerce 10.7+ native ACP and defers when active
  • Web discovery — HTML <link> tags, HTTP Link headers, robots.txt advisory, /llms.txt
  • Google Merchant Center feed at /merchant-feed/google.xml — a self-hosted, Google-spec product feed you register as a scheduled fetch
  • AI readiness dashboard — scores your store, shows what’s missing, offers one-click fixes
  • Production-grade engineering — 260+ unit tests, integration-tested on live WordPress 7.0 + WooCommerce, WordPress Coding Standards compliant, PHP 7.4+ compatible

How agents use your store

  1. Agent fetches /.well-known/ucp
  2. Agent registers via /oauth/register → receives client ID + secret
  3. Agent exchanges credentials for JWT at /oauth/token
  4. Agent calls MCP tools under /mcp (search, list)
  5. Agent creates an ACP checkout session at /acp/checkouts
  6. Agent completes the session → real WooCommerce order in your admin

All standard payment gateways work. UCP creates standard WC orders.

How this actually helps your store

AI shopping assistants — ChatGPT, Perplexity, Gemini, Claude — now help millions of people find products every day. When a shopper asks “find me a waterproof backpack under $80”, the assistant doesn’t open Google and click around. It queries machine-readable storefronts directly. The way it finds those storefronts is by fetching /.well-known/ucp on each domain it knows about. If that file doesn’t exist, your store is invisible to the agent — not low-ranked, invisible.

This plugin publishes that file automatically, along with the MCP tools the agent uses to actually browse your catalog. You don’t have to write a single line of integration code; activating the plugin is enough to put your store on the map for every agent that speaks UCP, MCP, or ACP.

A few complementary moves we recommend alongside this plugin: register your products in Google Merchant Center so the Google Shopping feed picks them up, keep product titles and descriptions clear and well-structured (the same SEO discipline that helps humans also helps AI parsing), and make sure your site runs on HTTPS end-to-end so agents trust the responses.

Once your store is published, agents can do three things that previously required a human: discover that you exist, browse your catalog in real time, and — with ACP enabled — create a real WooCommerce order on behalf of their user, with the same checkout, tax, shipping, and fulfillment plumbing your human customers go through today.

Google Merchant Center

The plugin publishes a Google-spec product feed at https://yourstore.com/merchant-feed/google.xml. It is fully self-hosted — the plugin contacts no external service. Instead, you register that URL in Google Merchant Center → Products → Feeds as a scheduled fetch, and Google pulls the feed on its own schedule. Once Google has the feed, your products become eligible for Google Shopping and Google’s shopping AI.

The feed is built from your published, catalog-visible WooCommerce products and includes each product’s title, description, price, availability, image, and — when set — brand and GTIN. Filling in brand and GTIN (Products → product → Inventory → Global Unique ID, on WooCommerce 9.2+) materially improves listing quality and how often Google can match your products. Variable products are expanded to their purchasable variations. The generated XML is cached for one hour to keep the endpoint fast.

Privacy & Data Handling

This plugin is built to be conservative about data:

  • The plugin only exposes publicly available product data — name, price, image, description — through its UCP and MCP discovery endpoints. Anything you already display on a public product page is fair game; nothing else is.
  • Order data is gated behind a valid OAuth 2.0 access token AND is scoped to the agent’s own orders. An agent (OAuth client) can only read orders it created itself through the ACP checkout flow; it can never read other agents’ orders or orders placed by human customers through normal checkout. An agent without the read:orders scope cannot read any orders at all, and read:orders is never granted by open client registration unless it is explicitly requested.
  • No customer personally identifiable information (PII) is collected, transmitted to third parties, or stored beyond standard WooCommerce order records that WooCommerce itself already manages.
  • All admin actions — including the audit dashboard and one-click auto-fix buttons — require the manage_woocommerce capability and a verified WordPress CSRF nonce.
  • No outbound telemetry. No analytics calls. No external “phone home” requests. The plugin does not contact the author, an analytics vendor, or any third party at install time, on activation, or during normal operation.

External Services

WordPress.org guideline #6 requires that we disclose any external services this plugin contacts. The list is short:

  • Stripe (optional, opt-in): Stripe is only contacted when the ACP module’s payment_intent flow is explicitly enabled by defining the AGTC_STRIPE_SECRET_KEY constant in wp-config.php. When an agent completes a checkout session under that flow, the plugin makes a server-to-server POST to https://api.stripe.com/v1/payment_intents to authorize the payment. No data is sent to Stripe unless this flow is activated. Stripe service terms: https://stripe.com/legal — Stripe privacy policy: https://stripe.com/privacy.
  • No other external services are contacted by default. UCP, MCP, and ACP discovery endpoints are served from your own WordPress installation. The agent pulls data from you; you do not push data to the agent or to any intermediary.

Disclaimer

This plugin is an independent, community-driven implementation of open commerce protocols. It is not affiliated with, endorsed by, or sponsored by Stripe, Inc., OpenAI, Google, Anthropic, Automattic, or the WooCommerce trademark holders. “WooCommerce” is a trademark of Automattic Inc. and is referenced solely for descriptive interoperability purposes.

Installation

  1. Upload to /wp-content/plugins/agtc-commerce (or install via WP admin → Plugins → Add New)
  2. Activate via Plugins menu
  3. Visit SDX AI Readiness in the admin sidebar to see the AI Readiness dashboard
  4. (Optional) Define AGTC_STRIPE_SECRET_KEY in wp-config.php to enable ACP payment intents

Requirements

  • WordPress 7.0 or higher
  • WooCommerce 8.0 or higher
  • PHP 7.4 or higher (PHP 8.x recommended)
  • OpenSSL and libsodium PHP extensions
  • Pretty Permalinks enabled

FAQ

Will this conflict with WooCommerce’s built-in ACP support?

No. WooCommerce 10.7+ ships internal ACP infrastructure with the agentic_checkout feature flag (default off). Our Coexistence detector activates our endpoints only when the WC native flag is off, and defers (410 + Location header) when on.

Do I need Stripe?

Only for the ACP payment_intent flow. Without Stripe, agents can still discover, browse, and create checkout sessions — they just can’t authorize payment through ACP directly.

There are two flow models to choose from, and most stores can start without Stripe entirely:

  • Model A — Agent pays directly (ACP payment_intent): Requires Stripe. The ACP protocol uses Stripe’s PaymentIntent under the hood, so you must define AGTC_STRIPE_SECRET_KEY in wp-config.php. The agent never sees the customer’s card; payment is captured server-side at session completion. This is the fully autonomous flow.
  • Model B — Agent creates order, customer pays later: Works with any WooCommerce payment gateway — PayPal, Square, Stripe via WooCommerce Payments, bank transfer, cash on delivery, anything you already have configured. The agent creates an ACP session, which the plugin converts into a standard pending WooCommerce order. The customer receives an order link and completes payment using whatever gateway your store already uses.
  • Recommendation: Most stores should start with Model B (no Stripe required) and add Model A later if and when they want fully autonomous agent purchases without a human checkout step.

What data does this expose to agents?

By default, public product data only (name, price, description, images). An agent can additionally read its own orders if it holds the read:orders scope — but only orders it created itself through the ACP checkout flow. Agents never see other agents’ orders or orders placed by human customers through normal checkout.

How do I let agents read orders?

Order access is scoped to ownership and safe by default: an agent (OAuth client) can only ever read orders it created itself via the ACP checkout flow. It can never read another agent’s orders or orders placed by human customers through normal checkout.

To read its own orders, an agent must request the read:orders scope at registration; dynamic client registration only ever grants read:products by default, so read:orders must always be requested explicitly. No server-side opt-in or wp-config.php constant is required.

Is the OAuth flow secure?

Yes. Client secrets are hashed with password_hash(). Access tokens are RS256-signed JWTs with iat, exp (max 2h), aud, iss, and jti claims. Admin endpoints require WP nonce + manage_woocommerce.
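
An added example (not the plugin's own code): a Python audit an operator could run on a token issued by the store's /oauth/token endpoint, checking its header and claims against the policy stated above. It does not verify the RS256 signature; the issuer and audience values and the sample token builder are constructed assumptions.

```python
import base64
import json
import time

MAX_LIFETIME = 2 * 60 * 60   # the page states exp is at most 2h
REQUIRED = ("iat", "exp", "aud", "iss", "jti")


def _segment(part):
    """Decode one base64url JWT segment (padding restored) into JSON."""
    return json.loads(base64.urlsafe_b64decode(part + "=" * (-len(part) % 4)))


def audit_token(token, expected_iss, expected_aud, now=None):
    """Return policy findings; [] means header and claims conform.
    Claims audit only: the RS256 signature is NOT verified here."""
    now = time.time() if now is None else now
    try:
        head, body, _sig = token.split(".")
        header, claims = _segment(head), _segment(body)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("not JSON objects")
    except ValueError:
        return ["not a well-formed compact JWT"]
    findings = []
    if header.get("alg") != "RS256":
        findings.append(f"alg is {header.get('alg')!r}, expected 'RS256'")
    findings += [f"missing claim {c}" for c in REQUIRED if c not in claims]
    iat, exp = claims.get("iat"), claims.get("exp")
    if isinstance(iat, (int, float)) and isinstance(exp, (int, float)):
        if exp - iat > MAX_LIFETIME:
            findings.append(f"lifetime {exp - iat}s exceeds {MAX_LIFETIME}s")
        if exp <= now:
            findings.append("token is expired")
    elif "iat" in claims and "exp" in claims:
        findings.append("iat/exp are not numeric")
    aud = claims.get("aud")
    if "aud" in claims and expected_aud not in (aud if isinstance(aud, list) else [aud]):
        findings.append("aud does not match this store")
    if "iss" in claims and claims["iss"] != expected_iss:
        findings.append("iss does not match this store")
    return findings


def make_sample(claims, alg="RS256"):
    """Constructed token for the demo; the signature segment is a dummy."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': alg, 'typ': 'JWT'})}.{enc(claims)}.c2ln"
```

An empty findings list only says the claims match the documented policy; signature verification against the store's published JWKS is a separate step.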

How do I rotate the JWKS keypair?

Open the AI Readiness dashboard. If JWKS rotation is needed, click the “Rotate JWKS keypair now” button. The old key remains valid for a 24h grace period.

WordPress 7.0 native MCP

On WordPress 7.0 this plugin registers its tools as WordPress Abilities, making them available through the core MCP Adapter to clients such as Claude Desktop, Claude Code, Cursor, and VS Code. Those clients authenticate with standard WordPress application passwords — no OAuth setup is required on their side. The plugin’s own OAuth MCP server remains active alongside the core adapter and continues to serve headless or autonomous agents that manage their own credentials.

The AI Readiness dashboard shows a “Protocol exposure” card with two settings:

MCP exposure controls which MCP path is active: “both” (default — core adapter and plugin server run side by side), “core” (plugin’s own MCP server is disabled, traffic goes to the WP core adapter only), or “plugin” (core adapter integration is disabled, plugin MCP server only).

ACP exposure controls ACP checkout availability: “auto” (default — plugin ACP is active when WooCommerce native ACP is off, deferred when on), “plugin” (plugin ACP is always active regardless of WC native state), or “off” (ACP checkout is fully disabled).

Both settings can be overridden programmatically with the filters agtc_mcp_exposure_mode and agtc_acp_exposure_mode, which receive the stored option value and should return one of the accepted mode strings.

How do I get my products into Google Shopping?

The plugin publishes a Google-spec product feed at https://yourstore.com/merchant-feed/google.xml. In Google Merchant Center, go to Products → Feeds, add a new feed, and choose the scheduled fetch option pointing at that URL. Google then fetches the feed on its own schedule — the plugin never contacts Google. The feed carries title, description, price, availability, image, and brand/GTIN when set; adding a brand and GTIN to each product improves listing quality and match rate. The dashboard’s FEED-001 check flags products missing those attributes.


Contributors & Developers

“SDX AI Readiness Toolkit for WooCommerce” is open source software.

Changelog

0.3.0

  • Security: plugin-owned key derivation (MasterKey) replacing reuse of WordPress auth salts
  • Security: AES-256-GCM at-rest encryption for sensitive stored data
  • Security: MCP tool scope enforcement; order tools scoped to the agent’s own orders
  • New: Google Merchant Center product feed at /merchant-feed/google.xml + dashboard feed-readiness audit
  • New: WordPress 7.0 native MCP integration — tools registered as Abilities for the core MCP Adapter
  • New: selectable MCP exposure (both/core/plugin) and ACP exposure (auto/plugin/off) with dashboard controls and filters
  • Changed: minimum WordPress raised to 7.0

0.2.0

  • New: ACP checkout module with Stripe payment_intent + WC native coexistence
  • New: Outbound webhook dispatcher with Ed25519 signing
  • New: Severity-grouped dashboard with remediation cards and one-click auto-fix buttons
  • New: /admin/fix REST endpoint with nonce + capability check
  • Fix: PHP 8.5 deprecation warnings (setAccessible, curl_close)
  • Fix: JwtVerifier enforces iat claim and 2h max token lifetime

0.1.0

  • Initial release: Core, MCP, UCP, Discovery hints