Nova Suite
Enterprise Intelligence Platform
Transform your agency into a continuously learning intelligence system—capturing every signal, insight, decision, and outcome to drive smarter strategy and faster execution over time.
Platform Overview
178 slides organized into 19 sections • Click any section to navigate
The Strategic Shift: From Projects to Intelligence
Enterprise AI transforms agencies from execution partners to intelligence partners
Traditional Agency
Projects that end
Insight in people's heads
Reactive execution
Headcount scaling
Nova Suite
Intelligence that compounds
Insight in the system
Predictive action
Knowledge scaling
Industry Vision: The Future of Enterprise AI
Leading analysts define the convergence of AI, orchestration, and automation
Gartner BOAT
Business Orchestration & Automation Technologies
- → "The 'O' is critical" — Orchestration is key
- → Convergence of BPM, iPaaS, RPA, GenAI, Low-Code
- → AI Agents becoming core capability
- → Unified platform replacing fragmented tools
Forrester APO
Adaptive Process Orchestration
- → "The next wave in enterprise automation"
- → AI agents with nondeterministic control flows
- → Evolution from DPA to adaptive orchestration
- → Balance of AI innovation with reliability
Nova Suite: Where BOAT Meets APO
We're implementing what leading analysts envision for enterprise automation
Styx Workflow Suite
Six branded workflows that operationalize strategy into governed execution
Social Media Management
Brief → Strategy → Content → Calendar
ImplementedPaid Media (Poetry)
Planning → Optimization → Reporting
ImplementedSpectre/Crisis
Detection → Assessment → Response
In ProgressKEO/Reporting
Ingestion → Analysis → Visualization
ImplementedContent Creation
Voice → Planning → Creation → Approval
PlannedReview & Customer Service
Intake → Response → Resolution
PlannedPaid Media Workflow Original Requirements
The 8 core functions defined in the Paid Optimization Workflow Outline
Media Mix Allocation
Budget distribution across channels
ImplementedMedia Forecasting
Performance prediction using benchmarks
ImplementedAudience Identification
Unified targeting recommendations
ImplementedCampaign Naming
Standardized naming conventions
ImplementedCampaign Flighting
Detailed flighting calendar
ImplementedDaily Pacing
Real-time spend & KPI monitoring
ImplementedWeekly Reallocation
Budget rebalancing based on performance
ImplementedWeekly Snapshot
WoW analysis & strategic insights
ImplementedMulti-Channel Integrations
Google, Meta, LinkedIn, TikTok, GA4, CRM
BPMN-Driven Workflows
Camunda v7 OSS engine with AI generation
AI Agent Functions
MMM Allocator, Predictive Engine
Client Portal
Persona-based dashboards & DoA
21 Rival Functions
CortexOne AI agents invoked via API • All published at cortexone.rival.io
Core Marketing AI Functions (21 Total Published ✓)
Predictive Engine
ML forecasting
MMM Allocator
Bayesian optimization
Autonomous Executor
Auto-execution
Privacy Measurement
CAPI validation
Incrementality
Lift measurement
Ad Platform Reader
Unified read API
Email Service
Resend integration
SMS Service
Twilio integration
Content Extractor
Embedded LLM analysis
Brand Voice Scorer
Content compliance
Document Chunker
RAG preprocessing
Embedding Service
Vector generation
BPMN Workflow Steps (8 Camunda Workers)
Compliance Workers (10 Camunda External Tasks)
Multi-Channel Integrations
Production-ready integrations with error handling, validation, and retry logic
Google Ads
OAuth 2.0 • Campaign CRUD
Meta Ads
OAuth 2.0 • 9 Workers
LinkedIn Ads
OAuth 2.0 • 189 Tests
TikTok Ads
Token Auth • KB Ingester
Google Analytics 4
n8n Signal Ingestion
CRM Integration
Salesforce • HubSpot
Talkwalker
Blue Silk AI • 150M+ Sources
Google Workspace
Domain-Wide Delegation
Integration Core
Base Classes • Retry Logic
- Unified error handling with automatic retry (exponential backoff)
- Input validation via Zod schemas for type-safe API calls
- OAuth 2.0 token management with automatic refresh
- Rate limiting and quota management per integration
Platform Architecture
Rival Platform Foundation + Poetry Domain Layer
+ pgvector
31 Cypher Schemas
Object Storage
Redis Cache
Auth
50+ SubAgents
Claude-powered automation
59 BPMN Processes
Visual process orchestration
8 Signal Categories
Unified signal taxonomy
5 Ad Platforms
Meta, Google, TikTok, LinkedIn, X
AI-Powered BPMN Generation
Generate complete BPMN processes from natural language using Claude
User Input
"Media planning workflow
with parallel approvals"
Claude Agent SDK
BPMN generation rules
+ validation
Valid BPMN 2.0 XML
Complete process
+ diagram coordinates
- No API key required - uses Claude Code session auth
- 13 BPMN patterns enforced via bpmn-validator
- Auto-deployment to Camunda via CI/CD pipeline
- Integration with Planning Workers for end-to-end automation
Claude Code CI/CD Pipeline
Automated BPMN deployment integrated with GitHub
Design
AI generates BPMN
Validate
BPMN validator checks
Commit
Git branch + PR
Deploy
Auto-deploy to Camunda
BPMN Promotion Workflow
processes/ (experiment) → packages/bpmn/ (promote) → CI/CD (deploy)
New processes start in processes/ for experimentation.
Once validated, they're promoted to the @rival/bpmn package for automated deployment.
GitHub Integration
Auto-commit, branch management, PR creation
BPMN Validation
13 rules ensure Camunda 7 compatibility
Auto-Deployment
Seamless deployment to Camunda v7 engine
GKE Bootstrap
One-command QA environment setup
Agentic SDLC in Action
Real example: RIV-337 completed autonomously in a single Claude Code session
Workflow Steps
Intelligent Prompt Enhancement
40-60% Effectiveness Improvement Through AI-Powered Routing
Intelligent Model Routing
Automatic selection of optimal model based on task complexity
Enhancement Pipeline
5-stage pipeline with feedback loop for continuous improvement
Active Use Cases
Production deployments with measured effectiveness
Technology Stack
Node.js 22 LTS
Runtime (LTS until Apr 2027)
Turborepo + pnpm
Monorepo with 10+ packages
Next.js 14
React web app with App Router
NestJS API
TypeScript backend with DI
Camunda v7 OSS
BPMN engine with REST API
Authority Management
Enterprise authorization
Zod Validation
Runtime API validation
shadcn/ui + Tailwind
Accessible UI components
Playwright E2E
End-to-end testing
PostgreSQL 18
Alpine-based database
Prisma ORM
Type-safe database access
Redis
Cache and sessions
Framer Motion
Spring animations
Knowledge Base
Neo4j + pgvector
Docker
Containerized stack
LiveKit Agents
Real-time voice AI
OpenAI GPT-4o
Conversational LLM
Deepgram
Speech-to-text
Beyond Presence
AI Avatar rendering
Container Security
Automated vulnerability scanning
Monorepo Structure
rival/ ├── apps/ │ └── web # Next.js dashboard ├── packages/ │ ├── api # NestJS REST API │ │ └── test/fixtures/ # BPMN test fixtures (CI/CD) │ ├── bpmn # Production BPMN (@rival/bpmn npm package) │ ├── workers # Camunda workers (5 planning) │ ├── authority-management # Enterprise Authorization │ └── integrations/ │ ├── core # Shared utilities │ ├── google-ads # Google Ads API │ ├── meta-ads # Meta/Facebook API │ ├── linkedin-ads # LinkedIn Marketing │ ├── tiktok-ads # TikTok Ads API │ ├── ga4 # Google Analytics 4 │ ├── crm # CRM integration │ └── google-workspace ├── functions/ # CortexOne AI agents └── processes/ # BPMN scratch/experimentation (local dev)
BPMN File Organization
GCS Object Storage
Secure, multi-tenant file storage with enterprise compliance controls
Admin only
Path isolation
7-day TTL
Staging area
Path Validation
- UUID tenant ID verification
- Category whitelist enforcement
- Path traversal attack prevention
Tenant Isolation
- Every operation verified
- Cross-tenant access blocked
- Unauthorized access logged
GDPR Compliance
- Article 17 erasure support
- Hard delete from DB + GCS
- Audit trail preserved
Workload Identity
No service account keys in Cloud Run. Uses GCP Workload Identity for zero-credential access to GCS buckets.
HMAC-SHA256 Audit Trail
Tamper-proof audit logs with cryptographic signatures. Every upload, download, and delete is immutably recorded.
Web Application Features
Next.js 14 dashboard with enterprise-grade features
WCAG 2.1 AA Accessible
Full ARIA support, keyboard navigation
Security Headers + CSP
Content Security Policy, HSTS
Zod API Validation
Runtime validation with type-safe client
Planning Studio
Smart forms, KB search, RBAC-protected routes
BPMN Viewer
Interactive process diagram viewer
Dev/Prod Separation
Mock data layer for development
Persona-Based Dashboards
7 role-specific views with proactive insights
Context-Aware Chat
Cmd+K with page detection + auth guardrails
Approval Workflows
Enterprise delegation of authority
CortexOne Serverless Functions
AI-Powered Campaign Optimization Agents (GCP Python 3.13 Runtime) - All 6 Published ✓
Predictive Engine
Actions: ROAS forecasting, creative fatigue, audience saturation
✓ Published ($0.01)
Privacy Measurement
Actions: CAPI signal quality, privacy-compliant validation
✓ Published ($0.01)
Autonomous Executor
Actions: Auto-execute with budget guardrails & safety limits
✓ Published ($0.01)
MMM Allocator
Actions: Bayesian budget optimization, Media Mix Modeling
✓ Published ($0.01)
Incrementality Testing
Actions: Geo-holdout, synthetic control, Bayesian lift
✓ Published ($0.01)
Ad Platform Reader
Actions: Unified read API for Google & Meta campaigns
✓ Published ($0.01)
🎉 11 Functions Live on CortexOne Marketplace
11/24 functions published at cortexone.rival.io | 13 in development | API-invokable via BPMN workflows | $0.01/call pricing
Agentic Intelligence Architecture
How CortexOne Functions Think, Reason, and Act Autonomously
ReAct Loop
THINK - ACT - OBSERVE cycle enables multi-step reasoning with tool use
HITL Escalation
Risk-based thresholds ($5K budget, 50% change) trigger human approval
Dual-Mode Execution
Fast rule-based (sync) or intelligent multi-step (agentic) modes
CDD Evidence
Complete audit trail with query hashing and trace correlation
Daily Optimization Agent
- Predictive analytics for ROAS trends
- Budget allocation recommendations
- Creative fatigue detection
Compliance Checker Agent
- Privacy signal validation
- CAPI compliance verification
- Policy guardrail enforcement
Rival Modeler & Function Marketplace
Visual BPMN Modeler with CortexOne Marketplace Integration
Rival BPMN Modeler
bpmn.io + Rival Activity Palette
- • Visual drag-and-drop BPMN 2.0 editor
- • Rival Activity type with function selector
- • Auto-maps to Camunda external tasks
- • CI/CD deployment to process engine
CortexOne Marketplace
100s of AI Functions Available
- • Dynamic fetch from CortexOne API
- • 8 categories: NLP, Analytics, Marketing...
- • Unit pricing per execution ($0.01+)
- • Search, filter, and browse functions
Tenant Admin Function Curation Workflow
Browse Marketplace
Select Functions
View Collection Cost
Save Collection
Use in Modeler
Tenant admins curate which marketplace functions are available to their process modelers
Client & Operations Portal
Poetry: World-Class Client Experience
Client Portal
Dashboard, Spend, Campaigns, Reports, ApprovalsOperations Portal
ITSM Tickets, Client Health, Feedback, WorkflowsAdmin Portal
Functions, Infrastructure, SettingsAuditor Portal
Audit Trail, Evidence, ReportsShared Infrastructure
Descope Auth, AI Chat, Voice Agent, Knowledge Base- Descope auth: Social (Google/Microsoft/Apple) → Magic Link → Enterprise SSO
- AI Cmd+K chat assistant with Neo4j Knowledge Base
- Poetry Voice Agent with LiveKit + Beyond Presence avatar
- Enterprise DoA approval workflows with BPMN
- Role-based access control with OPA policies
Click persona to see task inbox:
Descope Identity Platform
Social OAuth + Magic Link + Enterprise SSO (7.5K MAU free)
Operations Ticket Management
ITSM-Style Ticket Queue for Support & Operations Teams
📥 Ticket Queue
Filterable list with status badges, priority indicators, and SLA tracking
📋 Detail Panel
Full ticket view with description, assignee, timeline, and communication thread
📊 Analytics
Metrics cards showing queue health, response times, and resolution rates
Priority Levels
Categories
Available at /operations/tickets • Support Agent persona • RIV-478
Planning Studio Intelligence
AI-Assisted Campaign Creation with Enterprise Controls
Smart Form UX
- ✓ Required field indicators
- ✓ Real-time validation
- ✓ Custom date range picker
- ✓ Error scroll-to-first
KB-Powered Search
- ✓ Searchable client dropdown
- ✓ Tier + vertical display
- ✓ Industry benchmarks
- ✓ Live KB integration
RBAC Protection
- ✓ Route-level guards
- ✓ Persona-based access
- ✓ Graceful redirects
- ✓ Loading state UX
⚙️ Admin-Configurable Fields
Campaign objectives, target audiences, industry verticals, platform channels - all editable by admins via /admin/settings
AI-Powered Chat Assistant
Context-Aware Intelligence with Auth Guardrails
⌘K / Ctrl+K
Global shortcut
from any page
Page Context
Route detection
intent classification
Knowledge Base
Persona-filtered
responses
AI Response
Markdown + syntax
highlighting
Page-Aware Context
Detects landing, login, dashboard, planning routes for tailored suggestions
Auth Guardrails
Intent classification blocks auth-required questions from guests
Neo4j Knowledge Graph
720+ nodes, 665+ relationships, TOGAF ontology
Persona-Aware
Role-based knowledge filtering via graph
Smart Suggestions
Dynamic questions based on page + auth state
Feedback Loop
Thumbs up/down with AI sentiment analysis
Context Examples: Landing page → "What is Poetry?" | Dashboard → "How is my ROAS trending?" | Planning → "What's the recommended budget for retail?"
PoetryBot Voice Assistant
Multi-Modal AI Interaction with Local LLM
Avatar Mode
Beyond Presence AI avatar with real-time lip sync
Voice Mode
Audio-only with real-time bar visualizer
Text Mode
Traditional chat interface with markdown support
AI Stack
| LLM | Ollama (llama3.2) - Local |
| STT | Deepgram |
| TTS | Deepgram (aura-asteria-en) |
| VAD | Silero - Local |
| WebRTC | LiveKit Cloud |
Key Differentiators
- No OpenAI dependency for LLM inference
- Local model = data stays on-premise
- Tool calling for campaign insights
- Seamless mode switching during session
- WCAG 2.1 AA compliant interface
Powered by: LiveKit Cloud + Deepgram + Ollama + Beyond Presence
Enterprise Approval & Feedback Workflows
Delegation of Authority (DoA)
$10K
Manager
$100K
Director
$1M+
CMO
- Threshold-based approval routing
- Visual approval chain progress
- Multi-level escalation with timeouts
- Full audit trail integration
Closed-Loop Feedback
Collect
👍/👎
Analyze
AI Sentiment
Resolve
Notify User
- AI sentiment analysis via CortexOne
- Priority-based BPMN routing
- Email + in-app notifications
- Operations dashboard for staff
Intelligence-Enhanced Knowledge Graph
40+ nodes including Signals, Causal AI, Patterns & Anomalies - Click "Data Scientist" to explore
Poetry Intelligence System 3D Explorer
Immersive visualization of Signals, Causal AI, Cross-Client Learning & 80+ relationships
Content Science: Data-Driven Intelligence
Transform content creation from art to measurable science
Powered by ContentWRX methodology | Partnership with Colleen Jones / Content Science View Breakout →
ROI Attribution
Track which themes and archetypes drive business outcomes
Brand Consistency
Score content against brand pillars for voice compliance
Gap Analysis
Identify underserved themes, audiences, or formats
Learning Loop
Self-improving recommendations that compound over time
Content Science Architecture
25,000+ lines of AI-powered content intelligence | 3 Application Modes: Agency, Platform, Competitive
Social Listening Layer
Intelligence Layer
LLM Abstraction Layer
WRX Scoring Layer
BPMN Workflow Layer
Rich Persona & User Personalization
Deep User Modeling for Truly Personalized Experiences
Jobs-to-be-Done
Primary & secondary jobs, goals, success metrics, pain points for each persona
User Profiles
Individual users synced from PostgreSQL with expertise tracking and learning history
Skills & Learning
16 skills with prerequisites, learning paths, and certification tracking
Knowledge Gaps
Identify what users should know vs. what they currently know
Multi-Role System
Users can hold multiple roles - unified task inbox across all assigned personas
Compliance Officer
New persona for regulatory compliance review and content approval workflows
Context-Aware Queries
"What should I know as a Campaign Manager?"
"What skills do I need for Meta API integration?"
"What's my learning path to become GDPR expert?"
Individual User Context
"What topics has Sarah recently viewed?"
"What's Alex's expertise level in OAuth?"
"What knowledge gaps do I have in compliance?"
Governance & Compliance: The Strategic Advantage
AI Under Control + Industry Regulations Built-In
AI GOVERNANCE Autonomous Agents Under Control
INDUSTRY COMPLIANCE Regulated Verticals Built-In
Off-label Prohibition
APR Disclosures
Medicare Ad Approval
Responsible Gaming
Age-Gating Required
Export Controls
Outcome Claims
Pattern expanding
Poetry builds compliance into the platform from day one—
a strategic advantage for us and
a competitive edge for our clients.
AI Governance Framework
18 Controls Across 5 Categories - Complete Autonomous Agent Oversight
- Intelligent model routing (H/S/O)
- 87% success, 12h/wk saved
- Click for metrics →
- Decision audit trail
- Data minimization
- Human oversight gates
- Risk register updated
- Security review integration
- PII detection & masking
- Incident response ready
- Metrics collected
- Drift detection alerts
- SLA compliance ≥99%
- Continuous improvement
- Bias detection metrics
- Fairness validation
- LLM-as-Judge evaluation
- Quarterly reviews
Complete Framework: Every AI decision is logged, every model call is traced, every output is evaluated— automated governance that scales with your agents
Compliance Evidence Architecture
BPMN-Driven Automated Evidence Collection & Gap Detection
- • Access Logs
- • Backup Verification
- • Security Scans
- • Policy Documents
- • Attestations
- • compliance-monitoring.bpmn
- • Gap Detection Loop
- • Score Calculation
- • Alert Triggers
- • Dashboard Updates
- • CRUD Operations
- • File Upload (S3/GCS)
- • Validation Rules
- • Audit Trail
- • API + GraphQL
- • Compliance Scores
- • Gap Reports
- • Email/Slack Alerts
- • Real-time Dashboard
- • Audit Reports
Automated Compliance: BPMN-orchestrated evidence collection with real-time gap detection— compliance becomes a continuous process, not an annual scramble
Multi-Persona Compliance Portals
Role-Based Views for Clients and Auditors
Client Dashboard
/compliance/evidence- ✓ Evidence Submission UI
- ✓ Compliance Score Display
- ✓ Gap Remediation Actions
- ✓ Framework Progress Tracking
- ✓ Control Status Overview
Auditor Portal
/auditor/*- ✓ Evidence Review & Verification
- ✓ Complete Audit Trail
- ✓ Report Generation (PDF)
- ✓ Framework-Specific Views
- ✓ Compliance Dashboard
Dual Persona Design: Clients manage their compliance posture while auditors verify evidence— 108 unit tests ensure reliability across both portals
Continuous Monitoring Infrastructure
10 Camunda External Task Workers for Real-Time Compliance
Missing & stale evidence
Framework & overall
Email & Slack
Real-time metrics
Complete trail
Content scanning
Policy checks
External services
Service checks
Automated gathering
Always-On Compliance: Timer-triggered BPMN workflows continuously detect gaps, calculate scores, and alert— compliance issues found in hours, not audit cycles
GRC Framework Foundation
SOC 2 Type 2 + Rival AI Governance - 120-150 Controls Target
🛡️ SOC 2 Trust Service Criteria
🤖 Rival AI Governance (30-40 Controls)
Right-Sized Framework: 120-150 controls targeting SOC 2 Type 2 certification— inspired by RI AI CoE 214-control framework, adapted for commercial SaaS
Security Posture: Comprehensive Protection
7-Layer Zero-Trust Defense + 5-Gate CI/CD Pipeline | SOC 2 CC Aligned
🛡️ 7-Layer Zero-Trust Defense
🔍 CI/CD Security Pipeline
🔒 Zero-Trust Infrastructure
HTTP Security Headers
15 Custom Semgrep Rules
SOC 2 Alignment: CC6.1 (Access) • CC6.6 (Encryption) • CC6.7 (Transmission) • CC7.2 (Monitoring) • CC8.1 (Change Management)
Zero-Trust Architecture: Defense in Depth
Default DENY • Explicit Allowlist • Complete Audit Trail
🌐 Network Isolation
👤 Identity & Access
🔑 Access Control
├── Organization (agencies)
└── Tenant (clients)
├── Admin Dashboard
└── Email domain restrictions
Audit Compliance: HMAC-SHA256 tamper-proof logs • SOC 2 CC6.1 • HIPAA Security Rule • GDPR Article 30
Network Security Architecture
GCP Firewall + Cloudflare Zero-Trust: No Direct IP Access
🚫 External Traffic
☁️ Cloudflare Zero-Trust
🔒 GKE Internal
GCP Firewall Rules (Priority-Based)
Source: 173.245.48.0/20, 103.21.244.0/22...
Target: gke-poetry-cluster nodes
Source: 0.0.0.0/0 (all traffic)
Target: gke-poetry-cluster nodes
IaC: infrastructure/kubernetes/cloudflared-config.yaml | GCP: rival-qa-allow-cloudflare-only, rival-qa-deny-direct-ingress
Security Remediation: RIV-592 to RIV-600
9 Critical Security Issues Identified & Fixed (January 2026)
PR: #553 | Methodology: Multi-agent security review + LLM-as-Judge validation | Evidence: .claude/memory-bank/evidence/cdd/RIV-550/
Platform Cost Monitoring
Unified GCP Infrastructure + External Services Cost Intelligence
PR: #633 | Knative service: cost-reporter | Schedule: 6AM/12PM/6PM/12AM ET
The Future: Eyeballs to Botballs
SEO → AEO (Agent Experience Optimization)
Today: SEO
Optimize for
human clicks
Future: AEO
Optimize for
AI retrieval + actions
Structured Data
Schema.org Product, Organization & LocalBusiness vocabularies in JSON-LD so AI reads meaning, not just words
Retrieval Optimization
SSR for crawlable content, clean canonical URLs, XML sitemaps, /llms.txt declarations
Bot Control
RFC 9309 robots.txt compliance, WAF-level enforcement, rate limiting & selective access
IETF Standards
AI Preferences working group (aipref) for site-level machine-readable policy declarations
Agent-Actionable
Real-time product APIs, structured commerce feeds enabling AI agents to browse & transact
AEO Metrics
AI referral traffic, LLM citation tracking, bot crawl analytics & AI-driven attribution
Poetry's Competitive Advantage
As AI shopping agents become the new top-of-funnel, Poetry positions brands to be discoverable, trustworthy, and actionable for both human users AND AI retrieval bots.
Development Summary
Rival Platform - Agentic SDLC Metrics ↑ 69% Complete
Project Management / Jira (RIV)
Version Control / GitHub
Codebase / Monorepo
Testing & Quality
Agentic SDLC - Active SubAgents
14 SubAgents automating the full software development lifecycle
Generated: 2025-12-28 | Data refreshed on demand via /dev-summary
Poetry Campaign Dashboard
Real-Time Performance Intelligence Powered by AI
Dashboard available at /campaigns/dashboard • Data refreshes every 15 minutes
Paid Media Campaign Simulator
What-If Analysis with Real-Time AI Predictions
✅ Happy Path
Normal campaign performance baseline
📉 ROAS Crisis
Declining returns scenario simulation
💸 Budget Pacing
Overspend/underspend pacing analysis
⚠ Platform Failure
Single platform outage resilience
📈 Seasonal Spike
Holiday/event traffic surge modeling
😴 Audience Fatigue
Creative exhaustion prediction
Budget Allocation Sliders
Available at /campaigns/simulator • CortexOne functions power AI predictions • RIV-491
Comprehensive Fixture System
6,500+ Records for Demo, Testing & QA
🏢 Tenant Strategy
📊 Data Volumes
🎰 Gaming Compliance
State rules • Responsible gaming • GeoComply • HITL reviews
🎓 Education Compliance
50+ institutions • Gainful employment • Lead gen consent
Seed command: pnpm --filter @rival/db seed • Located in packages/db/prisma/seeds/
Poetry: E2E Campaign Planning Demo
Complete workflow from campaign inception to creative brief with AI + DMN governance
5 AI Functions
- 🎯 Media Mix Allocation
- 📈 Performance Forecasting
- 👥 Audience Identification
- 📋 Campaign Framework
- ✏️ Creative Brief
6 DMN Gates
- Campaign Eligibility
- Budget Guardrails
- Forecast Quality
- Audience Privacy
- Naming Convention
- Delegation of Authority
5 User Reviews
- 📊 Review Mix Allocation
- 📉 Review Forecast
- 🎯 Review Audiences
- 🏗️ Review Framework
- ✅ Final Review
AI Proposes → DMN Decides → Human Approves → BPMN Enforces
Plan Campaign BPMN Process
Orchestrated workflow with DMN governance gates at each decision point
Process: plan-campaign.bpmn • Work Item: RIV-224
Campaign Lifecycle - Master Orchestrator
State machine controlling all campaign phases with message-based coordination
Process: campaign-lifecycle.bpmn • Master state machine
Launch Campaign - Parallel Platform Deployment
Simultaneous deployment to 4 ad platforms with verification and rollback
Success Path
All platforms verified -> Status: ACTIVE -> Notify stakeholders
Rollback Path
Verification fails -> Pause all platforms -> Log details -> Notify team
Process: launch-campaign.bpmn • Parallel gateway pattern with rollback
Daily & Weekly Optimization
Tactical daily adjustments and strategic weekly reallocations
Daily Optimization
Weekly Reallocation
Adaptive Approval: Small changes auto-approve | Large changes require human review
Processes: daily-optimization.bpmn, weekly-reallocation.bpmn
Operational Controls: Pause, Resume, Close, Emergency
Campaign state management with DMN-driven authorization
Pause Campaign
Resume Campaign
Close Campaign
Emergency Stop
Processes: pause-campaign.bpmn, resume-campaign.bpmn, close-campaign.bpmn, emergency-stop.bpmn
CortexOne AI Optimization
Advanced AI-powered campaign optimization with predictive analytics and autonomous execution
Process: cortexone-optimization.bpmn • 4 CortexOne serverless functions
Feedback Workflow - Closing the Loop
AI-powered sentiment analysis with priority-based routing and closed-loop notification
Process: feedback-workflow.bpmn • Closed-loop feedback with AI sentiment analysis
Social Media Content Workflow
8-agent pipeline from brief intake to content calendar generation with parallel research phases
workflow-incident-create worker with priority routing to senior-engineers or incident-managers.
Process: social-media-content-workflow.bpmn • Styx Workflow Suite
Content Creation Workflow
8-agent hub-and-spoke pattern for multi-channel content production with Opus quality gate and configurable workspace output
Process: content-creation-workflow.bpmn • Styx Workflow Suite • ClaudeAgentWorker + WorkspaceProvider
Customer Service Workflow
6-agent linear workflow for automated ticket handling with intelligent escalation and SLA enforcement
Process: customer-service-workflow.bpmn • Styx Workflow Suite
Reporting & Analytics Workflow (Wayfinder)
9-agent data pipeline with collapsed sub-processes for collection, analysis, and visualization
- Source Connector
- Data Ingestion
- Standardization
- Query Translation
- Data Analysis
- Reasoning & Insights
- Summarization
- Visualization
- Report Generation
Process: reporting-analytics-workflow.bpmn • Styx Workflow Suite • Wayfinder Pattern
Crisis & Reputation Workflow (Spectre)
6-agent event-driven pipeline for early risk detection, assessment, and coordinated response
Process: crisis-reputation-workflow.bpmn • Styx Workflow Suite • Spectre Pattern
External Task Workers - The Execution Layer
109 specialized workers execute BPMN service tasks across 6 categories
Planning Workers
- poetry-media-mix
- poetry-forecasting
- poetry-audience
- poetry-framework
Execution Workers
- poetry-platform-deploy
- poetry-tracking-setup
- poetry-verification
Optimization Workers
- poetry-daily-optimize
- poetry-weekly-reallocate
- poetry-cortexone-bridge
Control Workers
- poetry-pause-platforms
- poetry-resume-platforms
- poetry-emergency-stop
Reporting Workers (13)
- reporting-data-source-connector
- reporting-data-ingestion
- reporting-data-standardization
- reporting-reasoning-insights
- reporting-summarization
- reporting-visualization
- google-sheets/slides/pdf-output
- report-distribution
Notification Workers
- notification-slack
- notification-email
- notification-webhook
All workers registered with Camunda 7 external task API
DMN Decision Tables
Policy-as-code governance with auditable decision logic
Campaign Eligibility
| Input | Rule |
|---|---|
| Privacy Framework | GDPR/CCPA required |
| Tracking Enabled | +30 pts if true |
| Client Tier | Min budget by tier |
Hit Policy: COLLECT (SUM)
Budget Guardrails
| Tier | Range | Max Δ |
|---|---|---|
| Enterprise | $50K-$10M | 50% |
| Growth | $10K-$500K | 30% |
| Starter | $1K-$50K | 20% |
Hit Policy: FIRST
Forecast Quality Gate
| Metric | Threshold |
|---|---|
| Confidence Score | ≥ 0.70 |
| Variance | ≤ 25% |
| Coverage | ≥ 80% |
Hit Policy: FIRST
Audience Privacy
| Check | Rule |
|---|---|
| Data Sources | 1st/2nd party only |
| PII Handling | Hashed required |
| Consent | Explicit opt-in |
Hit Policy: COLLECT
Naming Convention
| Level | Pattern |
|---|---|
| Campaign | [Client]_[Obj]_[Date] |
| Ad Set | [Audience]_[Geo] |
| Ad | [Format]_[CTA]_v# |
Hit Policy: FIRST
Delegation of Authority
| Budget | Approver |
|---|---|
| < $25K | Manager |
| $25K-$100K | Director |
| > $100K | VP/C-Level |
Hit Policy: FIRST
Location: packages/bpmn/poetry/decisions/ • 34 DMN files total
DMN Industry Compliance - Regulated Verticals
Industry-specific decision tables for regulatory compliance validation
Pharma
- FDA/OPDP compliance
- Fair balance requirements
- ISI/PI disclosure rules
- MLR approval workflow
pharma-fda-opdp-compliance.dmn
Financial Services
- FINRA 2210 compliance
- APR disclosure validation
- UDAAP screening
- Performance claims review
finra-2210.dmn
Healthcare
- CMS marketing guidelines
- Star rating display rules
- AEP/OEP timing validation
- Medicare compliance
cms-marketing-guidelines.dmn
43 total DMN decision tables • Industry-specific compliance rules
DMN Specialized Compliance
Defense, Alcohol/Cannabis, and AI Governance decision tables
Defense
- DoD contract compliance
- ITAR/EAR screening
- CUI detection
- Cleared recruiting rules
dod-contract-compliance.dmn
Alcohol & Cannabis
- State ABC rules
- TTB COLA claims
- Age verification gates
- Cannabis state compliance
state-abc-rules.dmn
AI Governance
- AI Act transparency
- Algorithmic bias detection
- Fair housing compliance
- EEOC targeting rules
ai-act-transparency.dmn
All DMN tables evaluated at process runtime via Camunda 7 decision service
Defense Compliance Gate - ITAR/EAR Workflow
6-stage HITL compliance pipeline for defense & aerospace advertising
What is ITAR/EAR?
ITAR (International Traffic in Arms Regulations) - Controls export of defense articles on the USML. EAR (Export Administration Regulations) - Controls dual-use items on the CCL. Putting controlled data in a public ad = illegal export to the world.
Redact & Resubmit Pattern
Reviewers can choose REDACT instead of REJECT. Process ends, user removes controlled content, then starts a new process instance. Each submission is a separate audit record for DCSA compliance.
Process: defense-compliance-gate.bpmn • 5 DMN tables • 5 HITL gates • Work Item: RIV-268
Defense Compliance - 6-Stage Pipeline
Each stage is a DMN decision table with human escalation path
Target: Lockheed Martin, RTX, Northrop Grumman, Boeing Defense, Anduril, Shield AI
E2E Demo Execution Results
Complete workflow executed via Rival Functions API + Camunda 7 orchestration
Rival Functions API
poetry-media-mix → mmm-allocator (real API)
poetry-forecasting → predictive-engine (real API)
Demo Mode Fallback
poetry-audience, poetry-framework, poetry-creative-brief
Generate mock DecisionProposal when API unavailable
Process Instance: 364acb4f-e08c-11f0-9d52-f63bc50e7e8b • Business Key: demo-e2e-final
Decision Engines: When to Use DMN vs Rego (OPA)
Two complementary decision engines for different purposes
📊 DMN (Camunda)
Purpose: Business rules & regulatory compliance
Audience: Business analysts, compliance officers
Editing: Visual table editor (Camunda Modeler)
Integration: Native BPMN (businessRuleTask)
- Campaign eligibility gates
- Budget guardrails
- Regulatory compliance (GDPR, ITAR, FDA)
- Approval routing
- Performance thresholds
🔐 Rego (OPA)
Purpose: Authorization & access control
Audience: Developers, security engineers
Editing: Code editor (Rego language)
Integration: REST API or WASM (in-process)
- API access control (RBAC/ABAC)
- Tenant isolation
- Resource permissions
- CI/CD system authorization
- Infrastructure policy
Key Insight: Complementary, Not Competing
DMN: packages/bpmn/poetry/decisions/ | OPA: packages/authority-management/policies/
Enterprise Authority Management
Delegation of Authority (DoA) with OPA WASM for sub-millisecond authorization
👔 Approval Hierarchy
🔐 OPA WASM Architecture
Threshold Routing
Auto-route to correct approver based on spend amount
Vacation Delegation
Temporary authority transfer with expiration
SOX Audit Trail
Complete decision log for compliance
Tenant Isolation
Customer-specific policies via Rego
Competitive Advantage
Most marketing platforms lack integrated Delegation of Authority. Rival provides enterprise-grade DoA with sub-millisecond authorization via WASM, enabling real-time policy evaluation without infrastructure overhead.
ADR: ADR-0003 (DoA) | ADR-0012 (WASM) | Policies: packages/authority-management/policies/
n8n Workflow Orchestration
Visual AI Agent workflows integrated with Camunda BPMN
n8n Why n8n?
- ✓ 400+ integrations out of the box
- ✓ Visual workflow editing for non-devs
- ✓ Self-hosted for data sovereignty
- ✓ Scale-to-zero on Knative
⚡ Camunda + n8n Integration
POST /webhook/research-analyze
POST /webhook/optimize-budget
When to Use n8n vs AgenticStrategy
Workflows: packages/n8n/workflows/ | Strategy: packages/workers/src/unified/strategies/n8n-strategy.ts
Demo Persona Logins
All personas use password: Demo2025!Secure
👥 Client Portal
sarah.johnson@nissan-demo.com
mike.chen@nissan-demo.com
lisa.finance@nissan-demo.com
⚙️ Operations Portal
alex.thompson@poetry.ai
jamie.support@poetry.ai
dev.engineer@poetry.ai
morgan.kim@poetry.ai
process.modeler@poetry.ai
compliance@poetry.ai
tenant.admin@poetry.ai
platform.admin@poetry.ai
🔍 Auditor Portal
auditor@external-audit-firm.com
Quick Demo
demo@rival.io
Source: apps/web/e2e/fixtures/personas.ts | Seed: packages/db/prisma/seeds/users.ts
Enterprise Communication Hub
Unified multi-channel notification service for all platform workflows
Source: packages/api/src/shared/notification.service.ts | Worker: packages/workers/src/cortexone/email-service.worker.ts
Poetry Intelligence System
AI-forward agency intelligence with causal validation and cross-client learning
🔬 Causal AI Layer
Proving causation, not just correlation
- ✓ DoWhy/EconML integration
- ✓ Lift validation on MMM
- ✓ "Validated ROI" badge
🧠 Temporal Memory
Zep/Graphiti bitemporal pattern
- ✓ Event + ingestion time
- ✓ Semantic entity subgraph
- ✓ Community clustering
🌐 Cross-Client Learning
Network effect moat
- ✓ Privacy-safe aggregation
- ✓ Vertical pattern libraries
- ✓ k-anonymity (min 5 clients)
Competitive Advantage
Poetry's moat is NOT any single AI capability but the integration of three layers that competitors struggle to replicate: Causal AI (the "why"), Temporal Knowledge Graph (the "what"), and Workflow Orchestration (the "how").
Schemas: packages/knowledge-base/poetry/schema/ | Functions: cortexone-functions/
Comprehensive Signal Taxonomy
8 signal categories with real-time to quarterly capture frequencies
Tier 1: Built (USE NOW)
- ✓ Meta Ads (9 workers)
- ✓ Google Ads (8 workers)
- ✓ LinkedIn ingestion
Tier 2: n8n (QUICK WIN)
- ✓ GA4 signal ingest
- ✓ News/RSS monitor
- ✓ Slack alerting
Tier 3: Custom Workers
- ▢ Meta Ad Library
- ▢ Pathmatics/Vivvix
- ▢ Brandwatch
n8n: packages/n8n/workflows/ | Workers: packages/workers/src/ | Schema: signals-intelligence.cypher
Causal AI & Real-time Anomaly Detection
DoWhy/EconML causal inference + 67% faster anomaly detection
🔬 Causal Validator Function
- Geo Holdout (highest confidence)
- Synthetic Control (medium)
- RCT when available
🚨 Anomaly Detector Function
Signal Aggregation Workflow
Daily 6AM trigger → Parallel n8n collection (GA4, News, Media, Competitive) → Anomaly detection → Slack alerts
signal-aggregation.bpmn
Anomaly Response Workflow
Severity routing (Critical: 1h, High: 4h SLA) → Causal analysis → Human-in-loop investigation → Resolution
anomaly-response.bpmn
McKinsey Finding: 40% of ad spend is wasted without causal validation. Poetry's integration of DoWhy/EconML with the MMM Allocator provides "Validated ROI" badges on recommendations.
Functions: cortexone-functions/causal-validator/, cortexone-functions/anomaly-detector/
Cross-Client Learning & Privacy
Network effect moat with privacy-safe aggregate patterns
🎬 Pharma CTV Fatigue Pattern
🎮 Gaming Channel Synergy Pattern
🔒 Privacy Guarantees
- ✓ k-anonymity (min 5 clients)
- ✓ No client-level data exposed
- ✓ Aggregate-only patterns
- ✓ Differential privacy layer
Pattern Types
Schema: packages/knowledge-base/poetry/schema/cross-client-patterns.cypher
Marketing Optimization Process (MOP)
5-phase framework from strategy to continuous improvement
Business Situation
Industry, Competition, Economics
COMING SOONSegmentation & Insights
Brand Audit, Customer Insight
COMING SOONBig Idea
Creative Brief, Program Design
COMING SOONProgram Design
Media Mix, Forecasting, Launch
✓ BUILTContinuous Improvement
Daily Optimization, Weekly Review
✓ BUILT
PRD: .claude/memory-bank/prds/mop-phases-1-3.md • Jira: RIV-541, RIV-542, RIV-543
MOP Phase 1: Business Situation & Objectives
AI-assisted strategic context gathering • Coming Q1 2026
📊 Industry Analysis Agent
- Market size & growth trends
- Category dynamics & seasonality
- Regulatory environment scan
- Emerging opportunity identification
🎯 Competitive Monitor Agent
- Share of voice analysis
- Competitor spend estimates
- Messaging theme extraction
- Competitive gap identification
💰 Economic Context Agent
- Macro-economic indicators
- Consumer confidence signals
- Profitability lever analysis
- Environmental factors (weather, events)
👥 Strategic Segmentation
- Customer segmentation analysis
- Sub-segment identification
- Revenue potential scoring
- Prioritization recommendations
DMN Governance Gate: Business Context Approval • Strategic Planner review required before Phase 2 • Causal validation of market assumptions
Jira: RIV-541 • BPMN: business-situation.bpmn (planned)
MOP Phase 2: Segmentation & Insights
Deep customer understanding with causal validation • Coming Q1 2026
🏷️ Brand Audit Agent
- Brand health metrics analysis
- Perception mapping vs competitors
- Positioning gap identification
- Voice & tone consistency audit
🔍 Insight Generator Agent
- Behavioral pattern discovery
- Jobs-to-be-done mapping
- Causal validation (DoWhy/EconML)
- Cross-client pattern matching
🎯 Behavior Change Objectives
- SMART objective generation
- Business goal alignment
- KPI definition & benchmarks
- Measurement framework design
⚙️ Marketing Enablement Assessment
- Tech stack readiness audit
- Data availability assessment
- Creative capability evaluation
- Org readiness scoring
DMN Governance Gate: Insights & Objectives Approval • Account Director review required • Causal validation of behavioral insights • k-anonymity verification for cross-client patterns
Jira: RIV-542 • BPMN: segmentation-insights.bpmn (planned)
MOP Phase 3: Big Idea Generation
Creative strategy with cross-client pattern learning • Coming Q2 2026
💡 Big Idea Generation
- 3-5 creative concepts
- Cross-client pattern matching
- Vertical-specific inspiration
📋 Program Design
- Channel allocation strategy
- Budget phasing recommendations
- Milestone planning
📈 Impact Forecasting
- Revenue projections
- KPI targets with confidence
- Scenario modeling
⚖️ Prioritization Engine
- Impact × Feasibility scoring
- Strategic fit alignment
- Resource requirement analysis
✏️ Creative Brief Generator
- Detailed agency brief
- Brand voice guidelines
- Reference examples
👤 CMO Approval Gate
- Human-in-the-loop review
- Strategic alignment check
- Budget approval workflow
→ Handoff to Phase 4: Approved creative brief triggers plan-campaign.bpmn
• Media Mix Allocation • Performance Forecasting • Campaign Launch
Jira: RIV-543 • BPMN: big-idea.bpmn (planned)
Poetry Intelligence System
Three-layer continuously learning architecture • The "Strategic Brain" differentiator
Layer 1: Causal AI
The "Why" - Validates causation, not just correlation
Layer 2: Temporal Knowledge
The "What" - Bitemporal memory for complete history
Layer 3: Cross-Client Learning
The "How" - Privacy-safe aggregate patterns
Intelligence CortexOne Functions
Competitive Moat: Every new client makes the intelligence better for all clients. Only Poetry knows that "Pharma CTV campaigns with frequency >3.5 see 30% CTR decline after 21 days"
Schema: packages/knowledge-base/poetry/schema/ • 31 Cypher files
8 Signal Categories
Comprehensive signal taxonomy feeding the Knowledge Graph
📊 Client Business
- Revenue & sales data
- Customer lifecycle
- Inventory signals
- Pricing changes
📈 Media Performance
- Paid media metrics
- Creative performance
- Channel efficiency
- ROAS trends
🌐 Owned Channels
- Web analytics (GA4)
- Email/SMS metrics
- App engagement
- SEO performance
👥 Consumer Signals
- Intent signals
- Sentiment analysis
- Behavior patterns
- Journey mapping
🎯 Competitive Intel
- Spend estimates
- Share of voice
- Creative monitoring
- Messaging themes
💰 Market & Economic
- Macro indicators
- Category trends
- Pricing dynamics
- Supply chain
🌍 Cultural & Social
- Trending topics
- Platform changes
- Cultural moments
- Viral content
🌦️ Environmental
- Weather patterns
- Seasonal factors
- Local events
- Holiday calendars
Schema: packages/knowledge-base/poetry/schema/signals-intelligence.cypher
MOP + Intelligence: The Complete Vision
From strategic insight to continuous optimization in one intelligent system
Q1 2026
Phase 1 Beta
Business Situation
Q2 2026
Phases 2-3 Beta
Insights + Big Idea
Q4 2026
Full MOP GA
All 5 Phases Live
The Poetry Advantage
PRD: .claude/memory-bank/prds/mop-phases-1-3.md • Jira: RIV-541, RIV-542, RIV-543
Poetry-LM: Fine-Tuned Intelligence
Embedding Agency Expertise into Domain-Specific Language Models
GraphRAG Alone Falls Short
- ✗ Facts without agency voice
- ✗ Generic marketing language
- ✗ Can't generate creative copy
- ✗ No tacit reasoning patterns
Poetry-LM Delivers
- ✓ Client reports in agency voice
- ✓ Brand-authentic ad copy
- ✓ Expert anomaly explanations
- ✓ Senior analyst reasoning
Report Narratives
Agency writing style
Ad Copy
Brand voice generation
Anomaly Insights
Expert explanations
Media Planning
Senior analyst reasoning
ADR: .claude/memory-bank/decisions/ADR-007-poetry-llm-fine-tuning-architecture.md
Hybrid Architecture: Best of All Worlds
BPMN Orchestration + CortexOne Functions + GPU Training Compute
BPMN Orchestration (Governance, Human Tasks) Click to view process →
CortexOne Functions (Compute, ML)
GPU Training Compute (CortexOne Intelligent Routing)
BPMN: packages/bpmn/poetry/processes/poetry-llm-fine-tuning.bpmn
Why Hybrid Wins
Strategic benefits of combining BPMN governance with CortexOne agility
Orchestration + Control
BPMN for governance. CortexOne for intelligent compute. Human-in-loop where it matters.
Heterogeneous Compute
Functions run on optimal hardware - CPU, GPU, FPGA, or ASIC. Not locked to any cloud.
Intelligent Routing
Workloads matched to best execution venue. GPU completes in 1/10th CPU time.
API-First Flexibility
Invoke CortexOne functions directly. No infrastructure awareness required.
Enterprise Control
Processor-level encryption. Deploy on-premise, cloud, or managed.
Proven Efficiency
90%+ cost/time reduction proven. 65x efficiency gains (STORM).
| Approach | Governance | Compute Efficiency | Hardware Flex | Hybrid ✓ |
|---|---|---|---|---|
| BPMN Only | ✓ Excellent | Limited (CPU) | None | ✓ |
| CortexOne Only | Limited | 65x gains | CPU/GPU/FPGA | API-based |
| Hybrid | ✓ Excellent | 65x gains | CPU/GPU/FPGA | ✓ Automatic |
STORM: 3,120 → 48 compute hours via intelligent hardware routing
Implementation: Production-Ready
25 files, 5,774 lines delivering the complete fine-tuning pipeline
BPMN Workflow
poetry-llm-fine-tuning.bpmn
- • 5 execution phases
- • 2 human review gates
- • 6-hour SLA timer
CortexOne Functions
cortexone-functions/poetry-*/
- • data-prep, evaluator
- • training-orchestrator
- • deployer (canary)
GPU Training
cortexone-functions/training/
- • GPU training job manifest
- • QLoRA training script
- • Checkpoint handling
PRD: .claude/memory-bank/prd/PRD-poetry-llm-fine-tuning.md • Branch: feature/RIV-500-poetry-llm-fine-tuning
Domain LLMs: Embedded Expertise
Fine-tuned models for agency-specific tasks powered by CortexOne intelligent routing
Poetry-LM
Marketing Voice
- • Client report narratives
- • Ad copy generation
- • Media plan reasoning
Spectre
Brand Reputation
- • Sentiment analysis
- • Crisis detection
- • Brand monitoring
Compass
Investment Analysis
- • Due diligence reports
- • Market analysis
- • Risk assessment
CortexOne intelligent routing: CPU/GPU/FPGA/ASIC • Not locked to any cloud
Training: QLoRA fine-tuning • Serving: Knative auto-scaling • Governance: BPMN orchestration
Hallucination Detection: User-Powered Training
Continuous model improvement through user feedback on RAG responses
1. Report Incorrect
User flags inaccurate RAG response with AlertTriangle button
2. Annotate Claims
AI pre-labels sentences, user confirms and categorizes errors
3. Export & Train
JSONL export feeds DeBERTa-v3 fine-tuning pipeline
Training Architecture: User Feedback → JSONL Export (70/15/15 split) → DeBERTa-v3 Cross-Encoder → Improved Hallucination Detector
Components: HallucinationModal.tsx • API: /api/hallucination/detect • Jira: RIV-666
The Hidden Cost of "Good Enough"
Every traditional agency relationship has the same problem.
Knowledge Walks Out
When talent leaves, so do your insights. Every transition resets your learning curve.
Starting From Scratch
Every campaign reinvents the wheel. Last quarter's learnings stay in someone's inbox.
Paying for Old Insights
You're paying premium rates for insights your competitors got last quarter.
What if your agency got smarter with every campaign?
What If Your Agency Got Smarter Every Day?
Imagine an agency relationship where intelligence compounds over time.
Knowledge stays in people's heads
Knowledge lives in the system
Year 1: We learn your business. Year 2: The system knows patterns you haven't discovered. Year 3: Insights compound faster than any competitor.
Poetry
The Learning Agency
Every campaign makes us smarter for your business. Every insight stays in the system. Every quarter builds on the last.
Powered by proprietary technology that captures, connects, and compounds every insight.
Proof: Results That Speak
Real outcomes from compounding intelligence
"In Q3, Poetry identified a pattern across our campaigns that we'd never seen. It turned out our top-performing creative had a specific element that worked 3x better on mobile. That insight alone paid for the entire engagement."
How It Works: The Intelligence Flywheel
Every interaction makes the system smarter
Listen
Data flows from every touchpoint. Signals from 8 categories feed the system continuously.
Analyze
AI agents find patterns, validate causation (not just correlation), detect anomalies.
Act
Recommendations flow to the right person at the right time. Human-in-the-loop approval.
Learn
Every outcome feeds the knowledge graph. The system remembers what worked—forever.
🔑 The secret: Every insight is connected to every other insight. Patterns emerge that no human could spot alone.
Your Challenges, Our Solutions
Three outcomes that matter most to marketing leaders
Paid Media Intelligence
Optimize spend across channels with AI that learns your audience's patterns.
- ✓ Real-time budget reallocation
- ✓ Cross-platform attribution
- ✓ Predictive ROAS modeling
Content Performance
Know what content works before you publish. Learn from every piece of creative.
- ✓ Creative pattern analysis
- ✓ Brand voice consistency
- ✓ Social listening insights
Reporting & Analytics
Dashboards that answer questions before you ask. Executive-ready insights.
- ✓ Automated anomaly detection
- ✓ Natural language queries
- ✓ Board-ready presentations
+ Social Media Management • Crisis & Reputation • Customer Service → See all 6 solutions
The ROI Framework: Prove Value Together
How we measure success—and give your CFO ammunition
Our Measurement Approach
Incrementality Testing
We don't just measure correlation—we prove causation with holdout tests and causal AI.
MMM Integration
Marketing Mix Modeling that actually updates in real-time, not quarterly.
Privacy-First Attribution
Signal loss recovery that works in a post-cookie world. iOS 14.5+ ready.
📊 CFO-Ready Metrics
✓ Quarterly business reviews with executive dashboards
✓ Monthly ROI reports your CFO will actually read
Your Poetry Team: People + AI
The talent you'd hire if you could—augmented by intelligence that never forgets
Account Director
Your strategic partner with full context on your business
Data Strategist
Analytics expert backed by AI pattern recognition
Media Planner
Channel expertise enhanced by predictive modeling
AI Agent Team
5 specialized agents working 24/7 on your behalf
The difference: When your Account Director learns something, the entire system learns it. When they're out, the AI agents maintain continuity. Knowledge compounds—it never walks out the door.
Why Poetry vs. Traditional Agencies
The compounding advantage over time
| Traditional Agency | Poetry | |
|---|---|---|
| Knowledge Retention | Walks out with people | Lives in the system forever |
| Learning Curve | Resets with each campaign | Compounds exponentially |
| Pattern Recognition | Human memory limits | AI finds hidden connections |
| Reporting Speed | Weekly/monthly cycles | Real-time dashboards |
| ROI Proof | Correlation-based claims | Causal AI validation |
Year 3 with Poetry = More intelligence than Year 10 with a traditional agency
Getting Started: Simple as 1-2-3
Your journey to compounding intelligence
Discovery Call
30-minute conversation to understand your challenges and goals
Pilot Program
90-day engagement on a focused initiative to prove value
Scale Partnership
Expand across channels and watch intelligence compound
No long-term commitment required. Prove value in 90 days, then decide if the relationship is right for you.
What You'll Have in 90 Days
Concrete deliverables from your pilot program
Intelligence Dashboard
Real-time visibility into performance across all channels
Baseline ROI Report
CFO-ready metrics proving value vs. your previous approach
Pattern Discovery Report
At least 3 insights you didn't know about your audience
Knowledge Graph Seed
Your business intelligence captured and connected—forever
Optimization Roadmap
12-month plan for scaling the intelligence advantage
Dedicated Team
Account Director + Data Strategist + AI Agent access
The real deliverable: A foundation of intelligence that will grow more valuable every quarter.
Your Intelligence Starts Here
Ready to build an agency relationship where every quarter makes you smarter?
Intelligence that compounds, not resets
ROI your CFO can measure
Prove value in 90 days
Powered by the Rival intelligence platform
Enterprise Authentication
Secure, Flexible Identity Management Powered by Descope
Passwordless First
Passkeys, Magic Links, and biometric authentication eliminate password vulnerabilities
Enterprise SSO
SAML 2.0 and OIDC support for Okta, Azure AD, OneLogin, and custom IdPs
Multi-Tenant
Per-tenant identity configuration with isolated user pools and custom branding
Authentication Methods
Multiple secure options for every user preference
Passkey / WebAuthn
Recommended- Biometric authentication (Face ID, Touch ID, Windows Hello)
- Hardware security keys (YubiKey, Titan)
- Phishing-resistant by design
- Synced across devices via iCloud/Google
Magic Link
Passwordless- One-click email authentication
- Time-limited secure tokens
- No password to remember or steal
- Ideal for occasional users
OAuth 2.0 / Social
Familiar- Google Workspace integration
- Microsoft 365 accounts
- GitHub for developers
- Leverages existing identity
Multi-Factor Auth
Enhanced- TOTP authenticator apps
- SMS/Email OTP backup
- Risk-based step-up authentication
- Configurable per tenant
Enterprise SSO Integration
Seamless integration with your corporate identity provider
🔗 SAML 2.0
Industry-standard federation protocol for enterprise identity
Supported IdPs:
- SP-initiated and IdP-initiated flows
- Attribute mapping for user provisioning
- Signed assertions and encrypted responses
🔓 OpenID Connect (OIDC)
Modern OAuth 2.0-based identity layer for web and mobile
Compatible With:
- Authorization Code flow with PKCE
- ID Token and Access Token support
- Refresh token rotation
Centralized User Management
Automatic Provisioning
Single Sign-Out
Compliance Ready
SSO Setup Process
Simple onboarding for enterprise customers
Request SSO
Customer submits SSO request with IdP details
Configure Tenant
We create SSO connection in Descope
Exchange Metadata
SP metadata ↔ IdP metadata exchange
Test & Activate
Validate SSO flow and go live
📋 Customer Provides
- IdP Metadata URL or XML file
- Entity ID / Issuer
- SSO URL (Single Sign-On endpoint)
- X.509 Certificate
- Attribute mapping requirements
- Allowed email domains
📤 We Provide
- SP Metadata URL
- ACS (Assertion Consumer Service) URL
- Entity ID / Audience URI
- Relay State configuration
- Attribute mapping guide
- Test account credentials
Multi-Tenant Identity Architecture
Isolated, secure identity management for each customer
🏢 Tenant A (Enterprise)
🏢 Tenant B (Mid-Market)
🏢 Tenant C (SMB)
Isolated User Pools
Custom Branding
Per-Tenant Policies
Audit Logging
AI-Powered Social Media
Content Automation
End-to-End Workflow Demonstration
See how 7 AI agents collaborate through a BPMN-orchestrated workflow to generate a complete 8-week content calendar with human-in-the-loop quality gates.
Demo Overview
Nissan North America - EV Awareness Campaign
Campaign Details
| Client | Nissan North America |
| Goal | Brand Awareness |
| Duration | 8 weeks (Jan 29 - Mar 26) |
| Budget | $150,000 |
Target Platforms
Competitors Analyzed
Tesla, Ford Mach-E, Chevy Bolt, Hyundai Ioniq, Kia EV6
Workflow Architecture
BPMN-Orchestrated 7-Agent Pipeline
Brief Intake
38sIndustry Analysis
2m 11sAudience Research
1m 50sMessaging Pillars
1m 53sStrategy
2m 52sContent Planning
45sCalendar Gen
1mParallel Execution
Industry Analysis and Audience Research run simultaneously, reducing total execution time.
HITL Quality Gates
Confidence-based gates (≥0.85 auto-approve) ensure human oversight on low-confidence outputs.
Total Time: ~17 min
Full campaign strategy and 120 posts generated in under 20 minutes.
Agent 1: Brief Intake
Validates and structures the campaign brief
Input
{
"clientName": "Nissan North America",
"industry": "Manufacturing",
"targetPlatforms": ["instagram", "tiktok", "linkedin"],
"campaignGoals": "awareness",
"audienceDescription": "Auto enthusiasts aged 25-45,
eco-conscious consumers, first-time EV buyers...",
"contentPeriod": 8,
"competitors": ["Tesla", "Ford Mach-E", ...],
"budget": 150000
}
Output
{
"structuredBrief": {
"clientName": "Nissan North America",
"startDate": "2026-01-29",
"endDate": "2026-03-26",
"totalWeeks": 8,
"platformCount": 3,
"isComplete": true,
"missingFields": []
},
"validationPassed": true,
"confidence": 0.6
}
Duration
38 seconds
HITL Triggered
Yes - Confidence 0.6 < 0.85 threshold
Validation
All required fields present, dates calculated
Agents 2-3: Parallel Research Phase
Industry Analysis + Audience Research run simultaneously
Industry Analysis Agent
Duration: 2m 11s | Confidence: 0.6
Competitors Analyzed
- Tesla - Market leader presence
- Ford Mustang Mach-E
- Chevrolet Bolt
- Hyundai Ioniq
- Kia EV6
Market Trends Identified
Audience Research Agent
Duration: 1m 50s | Confidence: 0.6
Primary Persona
| Age Range | 25-44 |
| Interests | Technology, Trends |
| Values | Quality, Innovation |
| Pain Points | Finding reliable solutions |
Preferred Content
Parallel Execution Benefit
Both agents completed in ~2 minutes total instead of ~4 minutes sequential. This pattern is enforced by the BPMN parallel gateway.
Agent 4: Messaging Pillars
Creates core brand messaging themes
Brand Excellence
"Nissan North America delivers exceptional value"
Community Connection
"Building relationships that matter"
Value Creation
"Delivering real results"
Brand Voice Spectrum
| Formal ↔ Casual | 5/10 - Balanced |
| Serious ↔ Playful | 4/10 - Professional |
| Reserved ↔ Bold | 6/10 - Confident |
| Traditional ↔ Innovative | 7/10 - Forward-looking |
HITL Review
Confidence: 0.6 triggered manual review
Review Note: "Approved for Nissan Ariya EV campaign demo - messaging pillars look solid"
Agent 5: Strategy Development
Platform-specific strategies and posting schedule
Instagram Strategy
Focus: Visual storytelling
| Frequency | 5/week |
| Best Times | 9AM, 6PM |
| Content Types | Reels, Carousels |
TikTok Strategy
Focus: Trend participation
| Frequency | 4/week |
| Best Times | 12PM, 7PM |
| Content Types | Short videos, Duets |
LinkedIn Strategy
Focus: Thought leadership
| Frequency | 3/week |
| Best Times | 8AM, 12PM |
| Content Types | Articles, Polls |
Campaign Phases
Phase 1: Launch
Weeks 1-2: Brand introduction, awareness building
Phase 2: Growth
Weeks 3-5: Community engagement, user content
Phase 3: Conversion
Weeks 6-8: Call-to-action, lead generation
Agent 6: Content Planning
Weekly content mix and theme distribution
Weekly Distribution
| Day | Posts | Focus |
|---|---|---|
| Monday | 3 | Week kickoff |
| Tuesday | 2 | Educational |
| Wednesday | 3 | Mid-week engagement |
| Thursday | 2 | Behind-the-scenes |
| Friday | 3 | Weekend prep |
| Saturday | 1 | Lifestyle |
| Sunday | 1 | Community |
Theme Balance
Agent 7: Calendar Generation
120 posts with captions, hashtags, and asset requirements
Sample Post Output
{
"id": "f43e6314-2bb2-4463-b345-fb279095f596",
"platform": "instagram",
"postType": "reel",
"scheduledDate": "2026-01-30",
"scheduledTime": "09:00",
"dayOfWeek": "Friday",
"weekNumber": 1,
"caption": "[REEL] Brand Excellence - Short-form video showcasing Brand Introduction",
"hashtags": ["#brandintroduction", "#NissanAriya", "#EVlife"],
"assetRequirements": { "type": "video", "duration": "15-60s", "aspectRatio": "9:16" },
"theme": "engagement",
"pillarReference": "Brand Excellence",
"callToAction": "Share your thoughts in the comments!",
"status": "DRAFT"
}
Human-in-the-Loop Quality Gates
Confidence-based review triggers ensure quality
How HITL Works
≥ 0.85
Auto-Approve
< 0.85
Human Review Required
Brief Intake
0.6
REVIEWEDMsg Pillars
0.6
REVIEWEDStrategy
0.6
REVIEWEDContent Plan
0.6
REVIEWEDCalendar
0.6
REVIEWEDWhy This Matters
HITL gates ensure AI outputs meet quality standards before proceeding. In production, high-confidence outputs auto-approve for efficiency, while uncertain outputs get human oversight.
Execution Timeline
Complete workflow in ~17 minutes
Process Flow
15:51:57 - 15:52:35 (38s)
15:52:35 - 15:54:46 (2m 11s)
15:54:46 - 15:56:39 (1m 53s)
16:03:24 - 16:06:17 (2m 52s)
16:06:17 - 16:08:41 (2m 24s)
Key Metrics
| Total Duration | 16 min 44 sec |
| AI Processing Time | ~10 minutes |
| HITL Review Time | ~7 minutes |
| Posts Generated | 120 posts |
| Posts/Minute | ~7.2 posts |
Manual Comparison
A human content strategist would typically need 40-60 hours to create a comparable 8-week content calendar with this level of detail.
~200x Faster
BPMN Orchestration
CIB seven (Camunda 7 fork) manages workflow execution
Process Definitions
Total BPMN processes deployed across all solutions
External Tasks
AI agents implemented as external task workers
User Tasks
HITL review gates for human approval
Process Instance: 71299725-fd2a-11f0-8853-4e8806c1e7d6
Activity History (Path Taken): StartEvent_SocialMedia → Start (4ms) Task_BriefIntake → Brief Intake Agent (37.6s) Gateway_ResearchSplit → Parallel Split Task_IndustryAnalysis → Industry Analysis Agent (130.9s) ┐ Task_AudienceResearch → Audience Research Agent (110.5s) ├ Parallel Gateway_ResearchJoin → Parallel Join ┘ Task_MessagingPillars → Messaging Pillars Agent (112.8s) Task_ReviewPillars → HITL Review (7s) Task_Strategy → Strategy Agent (172s) Task_ReviewStrategy → HITL Review (15s) Task_ContentPlanning → Content Planning Agent (45s) Task_ReviewContent → HITL Review (7s) Task_ContentCalendar → Calendar Agent (0s) Task_FinalApproval → Final Approval (15s) Task_GenerateOutput → Google Sheets Export (60s) EndEvent_Complete → Complete
Technology Stack
Enterprise-grade AI workflow orchestration
CIB seven / Camunda 7
BPMN workflow orchestration with external task pattern for AI agent integration
Claude Agent SDK
AI agents with tool use, web research, and structured output generation
Google Workspace
Content calendar exported to Google Sheets for team collaboration
OPA / WASM
Authorization policies for multi-tenant content access control
Next.js + NestJS
Modern React frontend with TypeScript API backend
GKE + Knative
Kubernetes orchestration with serverless scaling for workers
Business Value
Transform content creation efficiency
For Content Teams
- Instant campaign scaffolding
- Consistent brand voice across platforms
- Data-driven content mix optimization
- Reduced creative block and burnout
- More time for strategic work
For Agencies
- Scale content production without headcount
- Standardized quality across clients
- Faster campaign turnaround
- Human oversight where it matters
- Competitive pricing advantage
Content Creation Workflow
Multi-channel content production with brand consistency
AI Agents
Brand Voice → Editorial → Newsroom → Executive → Press-to-Social → Editorial Review
Parallel Tracks
Newsroom, Executive, and Press-to-Social run simultaneously
HITL Gates
Brand Voice Review + Final Content Approval
Channels
Press Release, LinkedIn, Instagram, Twitter, Executive Blog
Execution Summary
Content Creation Agent Pipeline
Hub-and-spoke pattern with parallel content generation
Newsroom Agent
Press releases, news articles, announcements with journalistic standards
Executive Agent
Thought leadership posts, executive memos, LinkedIn content
Press-to-Social Agent
Transforms PR content into platform-native social posts
Content Output Examples
Nissan Ariya EV Launch - Multi-channel assets
Press Release
The all-new Ariya delivers 300+ miles of range with cutting-edge ProPILOT Assist 2.0 technology...
Executive Blog Post
As we witness the transformation of the automotive industry...
LinkedIn Post
#ElectricVehicle #Sustainability #Innovation
Instagram Caption
#NissanAriya #EV #ZeroEmissions
Workflow Comparison
Two complementary workflows for end-to-end content automation
Social Media Content
- ✓ Focus: Social media calendar generation
- ✓ Agents: 7 (Brief → Research → Strategy → Calendar)
- ✓ Output: 120 posts for 8 weeks
- ✓ Duration: 17 minutes
- ✓ HITL Gates: 5 confidence-based
Content Creation
- ✓ Focus: Multi-channel content production
- ✓ Agents: 7 (Brand → Editorial → Content → Review)
- ✓ Output: PR, blog, social assets
- ✓ Duration: 3.5 minutes
- ✓ HITL Gates: 2 approval-based
Combined Capability
From strategic planning to content production in under 25 minutes
Ready to Transform Your
Content Workflow?
See the full platform in action
Request Demo
See the complete platform with your own campaign data
Pilot Program
Run a 30-day pilot with one brand or campaign
Full Deployment
Enterprise rollout with custom integrations
Demo executed: January 29, 2026
Social Media: 71299725-fd2a-11f0-8853-4e8806c1e7d6
Content Creation: ca03c49c-fd2f-11f0-8853-4e8806c1e7d6
{poetry}
Brand
Guidelines
The visual identity system for Poetry and all branded materials across the Arc Machina ecosystem.
Version 2.0 — January 2026
Logo
The Poetry logo is the word "poetry" wrapped in curly braces, rendered in a light serif-italic typeface.
- Always include curly braces
- Use lowercase
- White on dark / dark on light
- Maintain clear space
- Minimum 80px digital
- Remove curly braces
- Capitalize any letters
- Apply color to logo
- Rotate/distort/add shadows
- Place on busy backgrounds
- Substitute serif typeface
Colors
Purple gradient system on a near-black foundation.
Gradients
Central to Poetry's visual identity.
linear-gradient(135deg, #7B2FBE 0%, #9B4DCA 40%, #C084FC 70%, #E9D5FF 100%)
linear-gradient(180deg, #0D0D0D 0%, #1A1A2E 50%, #2D1B4E 100%)
linear-gradient(135deg, #F3E8FF 0%, #E9D5FF 30%, #DDD6FE 60%, #C4B5FD 100%)
linear-gradient(90deg, #7B2FBE, #9B4DCA, #C084FC, #E9D5FF, #7B2FBE) height: 4px
Typography
Host Grotesk for headlines. Inter for body. Serif italic for logo.
Messaging
Four Advantages
Components
Presentation Layouts
The Arc Machina Collection
Poetry is part of the Arc Machina startup studio ecosystem.
MACHINA
reputation
circle
Built inside a startup studio ecosystem, our ventures move faster, integrate deeper, and scale intelligence, not overhead.
Native Mobile Apps
iOS (Swift/SwiftUI) + Android (Kotlin/Jetpack Compose)
Offline-First • Real-Time WebSocket • Biometric Auth • Push Notifications • Home Screen Widgets
Mobile Architecture Overview
Native Apps with Shared Backend Infrastructure
System Architecture
iOS App
Swift / SwiftUI
Android App
Kotlin / Compose
WebSocket Gateway
Socket.io at /api/mobile/stream
NestJS API
Camunda
PostgreSQL
Feature Modules (Per Platform)
API Modules (NestJS)
Dashboard & Real-Time KPIs
Live Performance Data with WebSocket Updates
Dashboard Features
Key Capabilities
WebSocket pushes live KPI changes instantly
7-day trend visualization per metric
Meta, Google, TikTok, LinkedIn spend allocation
Manual data sync with offline fallback
Approval Workflow
Swipe Gestures + Offline Queue for Uninterrupted Decision-Making
Approval List
Offline Queue
Alerts & Anomaly Detection
AI-Powered Monitoring with Severity-Based Grouping
Alert Categories
Alert Detail View
Offline-First Architecture
Delta Sync Protocol with Optimistic Locking
Mobile App
Local SQLite cache
Sync API
Compare versions
PostgreSQL
Source of truth
Security & Compliance
Enterprise-Grade Mobile Security Architecture
Authentication
Token Storage
Device Integrity
Home Screen Widgets & Push Notifications
Glanceable Intelligence + Proactive Alerts
iOS & Android Widgets
Push Notification Types
Multi-Tenant White-Label
ONE app binary that dynamically brands itself per tenant
Rival is B2B2B. Organizations like Poetry serve multiple tenants like Nissan and Toyota. Every user now sees their tenant's brand — colors, logo, fonts, tagline — instead of hardcoded Rival indigo.
Dynamic Tenant-Aware Theming
Same APK, Different Brand
Tenant Discovery Login Flow
Login State Machine
6-Phase Implementation
White-Label Architecture Overview
Reactive Compose Theming
Core Pattern: TenantThemeManager
// TenantThemeManager.kt object TenantThemeManager { val theme = mutableStateOf( TenantTheme.Default ) fun loadTheme(config, ctx) { theme.value = TenantTheme .fromBranding(config.branding) // Cache to SharedPreferences cacheTheme(ctx, theme.value) } }
White-Label Backend API
Two Endpoints, Two Auth Levels
White-Label Security
Built with Defense in Depth
// RivalApiClient.kt private val authInterceptor = Interceptor { chain -> val builder = chain.request() .newBuilder() getAuthToken()?.let { builder.addHeader( "Authorization", "Bearer $it" ) } getTenantId()?.let { builder.addHeader( "X-Tenant-ID", it ) } chain.proceed(builder.build()) }
Lobby Screen
Premium First-Time Experience
Brand Reveal Animation
The “Wow Moment” — Generic to Branded in 1.5 Seconds
iOS: Circle().clipShape() with .spring(response: 0.8) animation
#C3002F
Invite Link System
Pre-Configured Onboarding via Shareable Links
app.rival.io/invite/Xk9mP2iOS: Universal Links via Associated Domains
Fallback: Smart banner → App Store → deferred context
invitations table
POST /api/mobile/invites
GET /invites/:code (public)
/settings/invites
/settings/invites with email input, role selector, pending invite table, copy-link, and status badges (Pending / Used / Expired).
Three-Environment Architecture
Dev → QA → Production pipeline with infrastructure-as-code
Local Development
Docker Compose with 20 services • Single docker compose up
QA — GKE Cluster Profile
Live data from poetry-standard cluster • Captured Feb 7, 2026
| POD | IMAGE | CPU | MEMORY |
|---|---|---|---|
| api | rival-qa-docker/api:latest | 2m | 295Mi |
| web | rival-qa-docker/web:latest | 1m | 166Mi |
| cib7 | cibseven:run-2.1.0 | 3m | 657Mi |
| postgres | pgvector:pg17 | 20m | 70Mi |
| neo4j | neo4j:5.15 | 9m | 502Mi |
| redis | redis:7-alpine | 10m | 3Mi |
| cloudflared (x2) | cloudflared:2024.12.2 | 8m | 35Mi |
| TOTAL (8 pods) | 53m | 1,728Mi | |
Production Architecture
Managed services for data tier • Knative autoscaling • Multi-node HA
| Component | QA | Production |
|---|---|---|
| PostgreSQL | In-cluster (pgvector) | Cloud SQL |
| Redis | In-cluster pod | Memorystore |
| Neo4j | In-cluster pod | Neo4j Aura |
| App Services | Static Deployments | Knative (autoscale) |
| Image Tags | :latest / :sha | :stable |
| VMs | Spot (70% savings) | On-Demand (SLA) |
| Registry | rival-qa-docker | rival-prod-docker |
PostgreSQL — Consolidated Database
Single PostgreSQL instance with pgvector • 4 databases • 3 users • 3 schemas in rival DB
Schemas:
public (app), eams_audit (audit), knowledge_base (KB)
CIB7 runtime, history, repository & identity tables
GA4, RSS, Slack alerts, competitive intel
ERD — Core Domain Models
Multi-tenant foundation • Organization → Tenant → User hierarchy • 115 models across 21 domains
Styx Solution Builder
Enterprise-grade 12-step wizard for agentic workflow creation, testing & deployment
12-Step Wizard Pipeline
Each step calls real backend APIs — zero simulations, zero hardcoded data
Key Capabilities
Four pillars powering the Solution Builder experience
Solutions Marketplace
- Browse & install pre-built solutions
- Live API-driven catalog (no hardcoded data)
- Publish your solutions for other tenants
- Category filtering & search
BPMN Process Designer
- Embedded visual process modeler
- Design workflows inside the wizard
- Export BPMN 2.0 standard XML
- Integrated with Camunda engine
CortexOne Functions
- Browse CortexOne function marketplace
- Request new functions with approval flow
- Real API calls (no console.log stubs)
- Attach functions to solution workflows
Test → Provision → Launch
- Steps 10-12 call real backend APIs
- Backend-driven test results (no setTimeout)
- Real provisioning status & error handling
- Launch with invitation delivery via API
Solution Management
Full lifecycle: dashboard, detail view, edit, and delete with confirmation
Solutions Dashboard
+ New SolutionSolution Detail View
Code Integrity Transformation
13 violations eliminated across Tier 3 Facades and Forbidden Patterns
Architecture & Data Flow
End-to-end flow from wizard UI to deployed solution with auth at every layer
Implementation Summary
Delivered across 3 PRs with full SDLC orchestration and CDD compliance
- Fixed handleSubmit data persistence
- Auth tokens on all API calls
- Type alignment (wizard ↔ API)
- Error response parsing
- Detail + Edit pages
- Delete with AlertDialog
- Replaced all setTimeout simulations
- Real test API with backend results
- Real provisioning with status
- Real launch with invitations
- Removed Math.random() durations
- Removed hardcoded toggles
- Functions API (no console.log)
- BPMN modeler embedded
- Marketplace from live API
- Error states (not hidden empty)
- Keyboard navigation (Escape)
- localStorage draft persistence
Release History
Platform Changelog & Version Tracking
Current Version: 2026.02.9 | Last Release: February 8, 2026
February 8 Release Wave
8 releases in one day: 2026.02.2 – 2026.02.9
Native Mobile Apps (2026.02.2)
- iOS (Swift/SwiftUI) + Android (Kotlin/Compose)
- 10 features: Auth, Dashboard, Approvals, Alerts, Widgets
- 4 backend modules: Alerts, Sync, WebSocket, Push
- Biometric login via Descope SDK
White-Label Onboarding (2026.02.3-5)
- Multi-tenant branding: dynamic colors, fonts, logos
- Lobby screen + brand reveal circle animation
- Invite link system with deep links (iOS + Android)
- Admin invite management portal
Report Scheduling (2026.02.7)
- Cron-based scheduling with DST-aware timezones
- Optimistic locking for multi-instance safety
- Per-source connector sync cadence management
- Next.js management UI with pause/resume
API Security (2026.02.9)
- Encrypted push token storage (AES-256-GCM)
- Optimistic locking on task completion (ETag)
- TenantGuard + @CurrentUser() fixes
- First-time user onboarding flow (iOS + Android)
Release 2026.02.1
February 7, 2026 • Security Pipeline Release
🔒 7-Gate Security Pipeline
- Gate 1: SAST - ESLint + Semgrep
- Gate 2: SCA - pnpm audit + Socket.dev
- Gate 3: Secrets - Trivy filesystem scan
- Gate 4: Config - Trivy IaC + Hadolint
- Gate 5: License - GPL/AGPL/SSPL blocking
- Gate 6: Container - Trivy + Grype
- Gate 7: DAST - OWASP ZAP
Security Fixes
- GCM auth tag length fix (CWE-347)
- brace-expansion vuln → 5.0.1
- Semgrep test file exclusions
- Trivy secret scan filtering
| Area | Change | Impact |
|---|---|---|
| Pipeline | 7-gate security scanning based on policy2control | Enterprise-grade security |
| Security | GCM authTagLength: 16 for createDecipheriv | CWE-347 vulnerability fixed |
| Dependencies | @isaacs/brace-expansion → 5.0.1 | SCA vulnerability resolved |
| Scripts | license-scan.sh, dast-scan.sh added | Gates 5 & 7 implementation |
Release History
| Version | Date | Type | Key Changes |
|---|---|---|---|
| 2026.02.9 | Feb 8, 2026 | Security | Encrypted push tokens, optimistic locking, mobile onboarding |
| 2026.02.7 | Feb 8, 2026 | Feature | Report scheduling backend + UI, cron poller, connector sync |
| 2026.02.5 | Feb 8, 2026 | Feature | Premium white-label onboarding, brand reveal, invite system |
| 2026.02.2 | Feb 8, 2026 | Feature | Rival Mobile (iOS + Android): 10 features, 4 backend modules |
| 2026.02.1 | Feb 7, 2026 | Security | 7-gate security pipeline, GCM auth fix, license scanning |
| 2026.01.7 | Jan 25, 2026 | Security | Docker Trixie images, Snyk CVE fixes, KG Explorer |
| 2026.01.6 | Jan 20, 2026 | Feature | Social platform APIs, Google Workspace clients |
| 2026.01.5 | Jan 18, 2026 | Feature | Google Workspace integration, OAuth/SA auth |
Versioning Scheme: CalVer
Format: YYYY.MM.release
- YYYY: Year (2026)
- MM: Month (01-12)
- release: Release # within month
Platform Stats
CHANGELOG.md
Google Workspace: Domain-Wide Delegation
Enterprise-grade access to organization-wide data via service account impersonation
Architecture Comparison
Individual OAuth (Current)
User B ──OAuth──► Their Data Only
User C ──OAuth──► Their Data Only
⚠️ Requires each user to authenticate
Domain-Wide Delegation (Enterprise)
──impersonate──► User B's Data
──impersonate──► User C's Data
──impersonate──► All Users...
✓ No user interaction required
Enterprise Capabilities
Security & Compliance
- ✓ Super Admin approval required in Google Admin Console
- ✓ Explicit OAuth scope whitelisting per service account
- ✓ Full audit trail in Google Workspace Reports
- ✓ Credentials encrypted via GCP Secret Manager
Knowledge Extraction
Index all docs, emails, and files for AI-powered search
Compliance & Audit
eDiscovery, retention policies, regulatory compliance
Background Sync
Automated data ingestion without user interaction
Cross-Org Analytics
Aggregate insights across all users and teams
Knowledge Graph Explorer
Interactive visualization of Neo4j knowledge entities with gap detection and AI ideation
Entity Filtering
Campaign, Client, Signal, SemanticEntity types
Gap Detection
Find disconnected clusters and isolated nodes
AI Ideation
Suggest bridges between disconnected entities
Detail Panel
Inspect node properties and relationships
Technology Stack
GCP Security Hardening
Fail-Closed Services, Least Privilege IAM, Key Rotation & Operational Safeguards
🔒 Fail-Closed Services
🛡️ IAM Least Privilege
⚡ Rotation & Safeguards
PR: #947 | 12 files modified across API, Terraform, Cloudflare | GCP Security Advisory Response
Observability Platform
Three Pillars: Metrics, Logs, Traces — Unified with AI Governance
📊 Three Pillars
📋 Dashboards & Alerts
⚙️ Docker Services
View Full PRD | ADR-0007 ACCEPTED | GOV-011 through GOV-018 | SOC2 CC7.2
Going to Production
From QA to rival.io — Phased Rollout for Enterprise Readiness
A comprehensive 7-phase, 5-week production deployment plan bringing the full Rival platform to a dedicated GCP project with HA infrastructure, observability, and enterprise SLOs.
Production Architecture
Dedicated GCP Project • Regional HA • Cloudflare Edge
GCP Infrastructure
Cloudflare Edge
Application Tier
Phased Rollout Timeline
7 Phases over 5 Weeks — Each Phase Has Exit Criteria
Integration Classification
Day 1: Launch-Critical • Day 2: Feature-Flagged Expansion
Day 1 — Required (7)
Day 2 — Feature-Flagged (13)
@rival/shared feature flagsCost & SLO Targets
Optimized for Early Stage • Scales with Demand
Monthly Cost Breakdown
| Component | Cost |
|---|---|
| GKE Autopilot (Regional) | $450-650 |
| Cloud SQL HA (4vCPU/15GB) | $320-380 |
| Redis HA (5GB) | $140-175 |
| GCS + Registry + Build + Egress | $40-70 |
| Cloudflare Pro + Descope | $20 |
| Observability (in GKE) | $50-100 |
| Total Baseline | $1,050-1,500 |
Service Level Objectives
Go-Live Checklist & Sprint Plan
31 Tickets across 5 Sprints
Infrastructure
Security
Observability
Testing
Docs
View Full PRD | 10 Terraform Modules | 7 Day 1 Integrations | $1,050-1,500/mo