Most AI analytics tools for trading work the same way: your positions, orders, and P&L get serialized and sent to a third-party LLM API so the model can answer a question. That is workable for generic use cases. For desks where exposure is alpha, it is a compliance problem and a recurring token bill that scales with every query.
We built a different pattern in production at ForeStrat called Programmatic Tool Calling (PTC). The model does not fetch your data. It writes Python that runs inside your browser via Pyodide, calls your application API directly, and renders results as interactive tables on your screen.
The idea in one pass
In standard tool calling, a question like "What is my biggest position today?" can ship hundreds of rows through the LLM just to extract one number. With PTC, the flow inverts:
- The LLM generates SDK code (
tools.positions_top(...),tools.trade_orders_get(...), and similar) - Your browser executes that code in a sandboxed Python runtime
- Tool calls hit your production API from the client; numeric values never leave your perimeter
- The model receives only a schema summary, for example
12 rows × 6 cols [account_id, symbol, qty, market_value, side, algo]
The assistant can still plan multi-step analyses, chain follow-up scripts, and suggest next questions. It reasons about structure, not cell values.
Why it matters
For privacy-sensitive trading workflows, PTC keeps positions, order flow, and P&L inside the customer's environment while still delivering a conversational analytics experience. Token use drops sharply because the model is not ingesting full datasets on every turn. In our production measurements, that difference is on the order of ~98% fewer tokens per query for typical analytical workflows.
The pattern sits on a five-layer stack: an auto-generated Python tool SDK, structured table output in the UI, AI-aware prompts, parameterized scriplets, and an orchestration loop where the backend streams code to the browser, not data to the model.
What we are sharing here
This post is a brief introduction. The full technical note covers the morning risk-check walkthrough step by step, the architecture layers, token economics, when PTC fits (and when a point lookup should stay on classic tool calling), and how we wire MCP, SSE, Pyodide, and Redis-backed tool handlers in production.
Want the full technical note, architecture diagrams, or a walkthrough on your own data? Email demo@forestrat.ai and we will set up a working session.