mancitrus/system-prompts-and-models-of-ai-tools
1
0
Fork 0
mirror of https://github.com/x1xhlol/system-prompts-and-models-of-ai-tools.git synced 2026-06-18 07:19:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
342bcf8ea5
system-prompts-and-models-o.../dealix/docs/INCIDENT_RESPONSE.md
Dealix Builder 47f4dc2fb6 feat(positioning+customer-ops): Saudi Revenue Execution OS — 8 modules + 20 endpoints + 44 tests + 8 docs + 2 modes 
Locks Dealix's positioning forever and closes the operational gap between
"great product" and "great customer experience": onboarding, connectors,
support SLA, incidents, customer success cadence, and companies/marketers
landing pages.

Positioning Lock (3 docs)
- POSITIONING_LOCK.md (Arabic): Saudi Revenue Execution OS category lock; one-liner; primary buyers (companies + agencies/marketers); wedge (First 10 Opportunities + Proof Pack); 5 approved claims; 5 prohibited categories; 5 modes; 5 bundles; 6 "what Dealix is NOT" rules
- PROHIBITED_CLAIMS.md (Arabic): 8 categories of forbidden marketing language (guaranteed results, scraping, full automation, bypass approvals, competitor attacks, legal/financial promises, medical language, exaggerated speed) + technical enforcement (safety_eval + tone_eval + quality_review_gate + tool_action_planner + test_positioning_lock.py)
- APPROVED_MARKET_MESSAGING.md (Arabic): tagline + 30-second elevator pitch + 5 headlines + competitor positioning table + 4-segment outreach templates + LinkedIn/X social posts + slogan bank

Customer Ops (6 modules)
- onboarding_checklist: 8-step Pilot onboarding (select_goal → select_bundle → company_intake → connect_channels → upload_or_source → risk_review → first_service_run → first_proof_pack) with progress tracking + state advancement
- connector_setup_status: 11 connectors (Gmail/Calendar/Sheets/Moyasar/WhatsApp/Forms/LinkedIn-LeadForms/GBP/CRM/Meet/Instagram) each with default_mode (draft_only/manual/ingest_only/approved_execute), launch phase, and blocking flag; ready_for_first_service gate requires no blocking connectors missing AND ≥1 connected
- support_ticket_router: 4-tier P0/P1/P2/P3 classification with Arabic+English keyword matching; auto-classifies "تسريب", "إرسال بدون موافقة", "بدون موافقتي", "live charge", "unauthorized" as P0; per-priority Arabic first-response templates; SLA targets per priority
- sla_tracker: SLA targets per priority (P0=30min/4h, P1=2h/24h, P2=8h/72h, P3=24h/1week); record_sla_event with strict event-type validation; classify_sla_breach for individual tickets; build_sla_health_report aggregates with verdict (healthy/watch/critical based on breach_rate)
- customer_success_cadence: 6 cadence types (weekly_check_in, monthly_proof_review, QBR, at_risk_alert, renewal_30/7_day); build_at_risk_alert with risk_score 0..100 from days_inactive + drafts_pending + last_proof_pack_days_ago; build_customer_success_plan with 30-day per-bundle cadences (growth_starter, executive_growth_os, partnership_growth)
- incident_router: SEV1/SEV2/SEV3 with first_action_minutes + comm_cadence; auto-SEV1 on has_data_leak OR has_unauthorized_send; SEV2 on affected_customers≥5; canonical 5-step response plan (freeze live actions / notify founder / create incident channel / review Action Ledger / PDPL 72h notification) + per-severity additional steps + post-mortem template

New Operator Modes (2)
- self_growth_mode: re-exports targeting_os.self_growth_mode (DEALIX_ICP_FOCUSES, recommend_dealix_targets, build_self_growth_daily_brief, build_weekly_learning_report) + operator-tier reminders (no cold WhatsApp even for Dealix itself, all drafts approval-first, no scraping)
- service_delivery_mode: orchestrates service_tower workflow + revenue_launch.pilot_delivery + customer_ops.sla_tracker; build_service_delivery_brief (per-service template), build_sla_status_for_delivery (breach detection on open tickets), build_post_delivery_handoff (5-step transition to Customer Success cadence)

Router (1 new) — 20 endpoints
- /api/v1/customer-ops/* — onboarding (checklist/update-step/demo), connectors (catalog/summary/update/demo), support (priorities/classify/route/first-response), sla (event/classify-breach/health-report/health-report-demo), incidents (triage/response-plan), cs (weekly-check-in/at-risk-alert/success-plan)

Customer-facing pages (1 new, 1 already-existed-preserved)
- landing/companies.html (NEW): Saudi B2B companies pitch — Approval-first, no scraping, no cold WhatsApp; 4 bundles (Growth Starter / Data to Revenue / Executive Growth OS / Full Growth Control Tower); Proof Pack section; safety + compliance section
- landing/marketers.html (existed): preserved as-is — agency/marketers Agency Growth OS path

Tests (2 new files, 44 tests)
- test_customer_ops.py: 31 tests
  * 4 onboarding (8 steps, advancement, unknown step error, complete-all)
  * 5 connectors (critical connectors present, blocking_missing detection, ready gate, validation, write)
  * 8 support (P0 security, P0 unauthorized send, P1 service down, P2 connector, P3 default, empty input, route includes SLA, P0 first-response Arabic with 30 min)
  * 6 SLA (event validates, log appends, breach detection within/exceeded targets, health report aggregation, critical verdict)
  * 4 incidents (data leak SEV1, unauthorized send SEV1, ≥5 customers SEV2, single customer SEV3, SEV1 plan includes PDPL)
  * 4 customer success (weekly check-in talking points Arabic, at-risk high severity, at-risk low severity, success plan per bundle including growth_starter and executive_growth_os Founder Shadow Board)

- test_positioning_lock.py: 13 tests
  * positioning_lock.md exists with category + "ليس CRM" + "ليس بوت"
  * prohibited_claims.md exists with "نضمن" + "scraping"
  * approved_market_messaging.md has Approval-first + PDPL + Saudi Tone + Proof Pack
  * landing pages contain NO positive forbidden claims (negative restatements like "no auto-DM" in safety sections allowed)
  * companies.html includes "Approval-first" + "Proof Pack"
  * agency-partner.html OR marketers.html exists
  * private-beta.html does NOT promise guarantees
  * REVENUE_TODAY_PLAYBOOK emphasizes Approval-first
  * positioning_lock lists all 5 bundles
  * positioning_lock lists all 5 modes (CEO + Growth Manager + Agency Partner + Self-Growth + Service Delivery)

Customer Ops Docs (5 new)
- ONBOARDING_RUNBOOK.md (Arabic): 8 onboarding steps + day-by-day Day1-Day5 + 11 connector states + acceptance criteria
- SUPPORT_SLA.md (Arabic): 4 priority tiers + auto-classification keywords + Arabic first-response templates + weekly review process
- INCIDENT_RESPONSE.md (Arabic): SEV1/SEV2/SEV3 logic + canonical response plan + per-severity additional steps + post-mortem template + Arabic communication templates + auto-actions
- CUSTOMER_SUCCESS_PLAYBOOK.md (Arabic): cadence types + weekly agenda (25 min) + at-risk scoring formula + per-bundle cadence + QBR + renewal flow + health score formula
- CONNECTOR_SETUP_GUIDES.md (Arabic): all 11 connectors with scopes + step-by-step + acceptance criteria + troubleshooting table

Test results
- 44/44 new tests pass
- Full suite: 949 passed, 2 skipped (missing API keys, unrelated)
- 0 existing tests broken

Safety + integration
- All 20 customer-ops endpoints: approval_required=True, live_send_allowed=False
- support_ticket_router HARD-CLASSIFIES "تسريب", "إرسال بدون موافقة", "live charge", "unauthorized" as P0 (founder owner, 30-min first response)
- incident_router auto-promotes to SEV1 on has_data_leak or has_unauthorized_send (regardless of affected_customers count)
- onboarding_checklist requires WhatsApp connector (blocking) before ready_for_first_service
- connector_setup_status default_mode is draft_only/manual/ingest_only — never live
- Positioning Lock test_positioning_lock.py enforces:
  * 5 bundles must be listed in POSITIONING_LOCK.md
  * 5 modes must be listed
  * landing pages must not contain positive forbidden claims (8 phrases)
  * companies.html must mention Approval-first + Proof Pack
- self_growth_mode reminds operator: no cold WhatsApp even for Dealix itself
- service_delivery_mode integrates SLA tracker before declaring delivery success

Integration with everything before
- Customer Ops onboarding integrates Service Bundles (autonomous_service_operator.service_bundles)
- Customer Ops connectors mirror connector_catalog risk_levels + add operational state machine
- Support classifier integrates with security_curator (P0 on secret leaks) + revenue_launch.payment_manual_flow (P0 on unauthorized charge)
- Customer Success metrics flow from agent_observability + revenue_launch.proof_pack_template
- Service Delivery Mode wires service_tower.workflow + revenue_launch.pilot_delivery + sla_tracker into one pipeline
- Self-Growth Mode wraps targeting_os.self_growth_mode with operator-tier safety reminders
- Companies + Marketers pages enforce POSITIONING_LOCK headlines

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 18:14:51 +03:00

3.5 KiB
Raw Blame History

Dealix Incident Response

القاعدة: أي incident يمر بـ triage → severity → response plan → audit. أي تسريب بيانات أو إرسال غير معتمد = SEV1 تلقائي.

Severities

Severity الوصف First Action Comm Cadence
SEV1 تسريب أمان / إرسال غير معتمد / تعطل كامل 15 دقيقة كل 30 دقيقة
SEV2 خدمة معطلة لـ ≥5 عملاء 30 دقيقة كل ساعة
SEV3 تأثير محدود (عميل واحد / degraded) 2 ساعة كل 4 ساعات

Triage Logic

if has_data_leak or has_unauthorized_send:
    severity = "SEV1"
elif affected_customers >= 5:
    severity = "SEV2"
else:
    severity = "SEV3"

Endpoints:

  • POST /api/v1/customer-ops/incidents/triage
  • GET /api/v1/customer-ops/incidents/response-plan/{severity}

Canonical Response Plan (مشترك)

  1. تجميد الـ live actions على القناة المعنية فوراً.
  2. إخطار المؤسس + on-call operator.
  3. إنشاء incident channel مع timeline.
  4. مراجعة Action Ledger للأفعال المرتبطة.
  5. إذا تسريب: إخطار العملاء المتأثرين خلال 72 ساعة (PDPL).

SEV1 Additional Steps

  1. تواصل مباشر مع المؤسس + خلية أزمة.
  2. كتابة post-mortem خلال 24 ساعة.
  3. مراجعة قانونية إن لزم (DPA + PDPL implications).

SEV2 Additional Steps

  1. تحديث العملاء المتأثرين كل 60 دقيقة.
  2. post-mortem خلال 48 ساعة.

SEV3 Additional Steps

  1. تحديث العميل المتأثر مع كل خطوة.
  2. post-mortem اختياري (موصى به للأنماط المتكررة).

Post-Mortem Template

1. ملخص الحادث
2. timeline (timestamps)
3. السبب الجذري
4. ما اشتغل صح
5. ما اشتغل غلط
6. الـ action items للوقاية
7. الـ owner لكل action item
8. الـ deadline

Communication Templates (Arabic)

SEV1 — أول ساعة

اكتشفنا حدث أمني/تشغيلي يتعلق بـ [نوع الحادث]. أوقفنا الـ live actions على القناة المتأثرة. نتواصل معك خلال 30 دقيقة بتحديث.

SEV1 — تسريب بيانات

نأسف. اكتشفنا تسريب بيانات يتعلق بـ [نوع البيانات]. نراجع الأثر الآن وسنتواصل معك خلال 24 ساعة بتفاصيل + خطوات الحماية. PDPL يلزم بالإبلاغ خلال 72 ساعة لذا سنحرص على إعلامك بكل ما نعرفه.

SEV2

خدمة [اسم الخدمة] متعطلة جزئياً. الفريق يعمل على الإصلاح ونتوقع الاستعادة خلال [وقت]. سنحدثك كل ساعة.

Auto-actions

  • Dealix يجمد القناة تلقائياً عند detection على:
    • bounce_rate > 5%
    • complaint_rate > 0.3%
    • block_rate WhatsApp > 3%
  • Dealix يخطر المؤسس على أي SEV1 detected.
  • Dealix يضيف entry لـ Action Ledger لكل incident.

Permission to publish

  • Post-mortems خاصة لـ SEV1 لا تُنشر علناً إلا بعد:
    • مراجعة قانونية.
    • موافقة العملاء المتأثرين.
    • إزالة كل PII.
  • Post-mortems لـ SEV2/SEV3 يمكن نشرها كـ engineering blog لو مفيدة.