SPC Retail — Slack + LLM Tool Scoping

Date: 2026-04-09 Context: Scoping a read-only Slack interface into the client's WooCommerce data, with an LLM layer for natural language queries and automated monthly reports.

The Question

Can we turn the WordPress/WooCommerce database into an API (or MCP) accessible via Slack, with controlled read-only commands like:

Show me the highest-selling products
Show me all sales for a given time period
Tell me which products are featured
etc.

Short answer: Yes. Straightforward.

Phase 1 — Read-Only Data Access

1. Expose data from WordPress (read-only)

Use the built-in WP REST API + WooCommerce REST endpoints, or create custom endpoints for exactly what you want:

add_action('rest_api_init', function () {
  register_rest_route('gm/v1', '/sales-summary', [
    'methods' => 'GET',
    'callback' => 'gm_get_sales_summary',
    'permission_callback' => function () {
      return current_user_can('read'); // or custom auth
    }
  ]);
});

function gm_get_sales_summary($request) {
  // query Woo orders + return totals
}

Lock it down with: - Application Passwords (basic auth) - JWT / token header - IP allowlist (if internal)

2. Thin middleware layer

Don't hit WP directly from Slack. Use a Node/Express or serverless middleware that: - Calls the WP API - Formats responses - Handles auth + rate limiting

3. Slack interface (2 options)

Option A — Slash commands (simplest)

/sales last-30-days
/top-products

Slack → middleware → WP → response

Option B — Slack bot (better UX) - Uses Events API + LLM parsing - "show me top selling products this month" - Maps intent → endpoint

4. MCP (optional)

Wrap the same endpoints as MCP tools. Then Slack bot (or Claude/OpenAI agent) calls tools instead of hardcoded routes. Overkill unless you want agent interoperability.

Data we can expose easily

Query	Source
Top selling products	`wc_get_products` + order stats
Sales by date	`wp_posts` + `wc_order_stats`
Featured products	product meta `_featured = yes`

Baseline architecture

Slack → (slash/bot)
   → Middleware (Node)
      → WP REST / Woo API (read-only endpoints)
         → Response → Slack

Key callouts

Do NOT expose WP directly to Slack
Keep endpoints scoped (no generic "give me everything")
Cache responses (sales queries can get heavy)
Stripe not needed — Woo already has the payment data

Baseline build: ~1–2 days.

Phase 2 — Add LLM + Automation

Architecture (tight version)

Slack (bot)
  → LLM (intent parser)
    → Tool layer (your endpoints)
      → WP / Woo API
  → Response formatter
  → Slack

1. Hybrid input model

Predefined commands (fast + reliable)

/sales 30d
/sales mtd
/top-products

Natural language (LLM parses → structured call) - "show me sales last month vs last year" - "top 5 products this quarter"

The LLM's job is NOT to fetch data. It only maps input → { intent, params }.

Example output:

{
  "intent": "sales_summary",
  "range": "last_month",
  "compare": "last_year"
}

2. Tool layer (this is the real product)

Keep it tight. 5–8 endpoints max:

getSalesSummary(range, compare?)
getTopProducts(range, limit?)
getFeaturedProducts()
getOrders(range)

Return clean JSON. No fluff.

3. LLM wiring (important constraint)

Do NOT let the LLM query WP directly. Instead: - Give it a fixed tool schema - It picks the tool - Your backend executes it

Patterns: - OpenAI → function calling - Anthropic → tool use - OpenRouter → same pattern

4. Slack bot flow

User message
Send to LLM with tool definitions
LLM returns tool call
Execute tool
Send formatted result back

5. Scheduled reports (easy win)

Cron job (or serverless scheduler) posts a monthly report to Slack:

Sales total
% change vs last month
% change vs same month last year
Top 5 products

Example payload:

📊 March Sales Report

Revenue: $82,430 (+12% vs Feb, +18% YoY)

Top Products:
1. Product A — $12,300
2. Product B — $9,800
...

Notes:
• Strong growth in category X
• Decline in Y (−8%)

6. Where the LLM actually adds value

Natural language → structured queries
Light summarization ("what matters here?")
Comparisons (YoY, trends)
Follow-ups:
"why did product A drop?"
"show me orders for that week"

7. Guardrails (don't skip)

Only expose read-only tools
Hard-limit ranges (no "all time" unless cached)
Validate params before hitting WP
Cache heavy queries (Redis or simple memory)

8. Optional upgrades (later)

Per-user permissions (Slack ID → role)
Memory (favorite queries per client)
Inline buttons: "View last 30 days", "Compare YoY"

TL;DR

LLM = translator
API = source of truth
Slack = UI

If the LLM disappears, the system should still work with slash commands. That's how you know it's built right.