runbookify
← All plans
Customer Support & Service / Ticket Intake & Triage

Spam & Out-of-Scope Filter

Build an internal tool that screens incoming requests, flags spam, vendor pitches, recruiter outreach, and out-of-scope asks with a clear reason, and sends the borderline ones to a human review list before anything leaves intake.

BeginnerAn afternoonBuilds onNext.js (App Router) on VercelSupabase (Postgres, Auth, RLS, Storage)Resend (email notifications)
What you'll build

A login-protected screening tool: load a batch of inbound requests, get each one labeled in-scope / out-of-scope / spam with a reason, review flagged items by hand, then archive confirmed junk or rescue real requests back into your queue, with everything logged.

Gated download

Enter your email — the plan downloads instantly and a copy lands in your inbox.

By submitting your email you'll also receive the weekly runbookify newsletter. You can unsubscribe at any time.

Before you start

  • A CSV/Sheet export or a pasted batch of incoming requests (sender, subject, message)
  • A rough idea of what 'in scope' means for your team (the plan helps you pin this down)
  • Free Vercel, Supabase, and Resend accounts (the plan walks you through them)

The problem this kills

Your triage queue is a swamp. For every real customer who needs help, your agents wade through vendor cold pitches, recruiter spam, "quick partnership" emails, and requests for things your team simply doesn't handle. Every one of those still has to be opened, read, judged, and dispositioned by a human. That's capacity you're burning on junk before you ever get to the people who actually matter.

The lazy fix - an aggressive auto-delete rule - is worse than the problem. The day it eats a real customer's urgent request, you've turned a small annoyance into a trust-destroying mistake, and you'll never even know it happened.

What you actually want is a screener that does the tedious first pass for you - reads each incoming request, calls out the obvious junk with a plain-English reason - but never makes the final call alone. A human always confirms before anything leaves intake.

What you'll build

A small, private web app that your triage team logs into. You paste in (or upload) a batch of incoming requests. The tool reads each one and labels it in-scope, out-of-scope, or spam, and writes a short reason for every flag ("recruiter outreach - mentions a job opening and your hiring page," "asks about a product you don't support").

Anything flagged lands in a review list, not the trash. A person scans the list, agrees or overrides with one click - confirm junk or rescue to queue - and only then does anything move. Confirmed junk gets archived; rescued requests get routed back to your real intake. Every decision, human and AI, is logged with who and when.

What's inside the Implementation Plan

  • It interviews you first. Before building anything, the plan has the AI agent interview you about your actual team: what "in scope" really means, which vendor and recruiter domains you already recognize, the shape of your export, your typical and peak inbound volumes, and your messiest edge cases. It reflects a short spec back to you for a thumbs-up, then tailors the whole tool to your answers - so you get your filter, not a generic template.
  • A step-by-step build, where every step ends with a ready-to-paste prompt for your AI coding agent.
  • A data model and AI labeling rules shaped by your scope definition and known-vendor list.
  • A human review screen with confirm / rescue / override and a mandatory reason on every flag.
  • A duplicate guard (sender + subject) so the same item can't be screened twice.
  • A "No API yet?" fallback that works from a Google Sheet / CSV today and exports a clean, in-scope-only list in the exact columns your system expects.
  • A verification checklist so you know it actually works before you trust it.

The governance it includes (this is the point)

  • Login so only your team can open the tool.
  • Row-level security so each organization only ever sees its own requests.
  • A complete audit trail - every AI label and every human decision recorded with who and when.
  • A hard human-in-the-loop gate - nothing is ever auto-deleted; the AI only drafts a flag, and a person must confirm before anything leaves intake. The gate is mandatory and fully reversible, because a false positive (a real customer marked spam) is the expensive mistake.
  • Duplicate guards so re-uploading a batch doesn't double-process anything.

Who it's for

Triage agents and team leads who are drowning in low-value inbound and want their humans spending time on real customers instead of cold pitches and junk. No coding experience needed - if you can fill out a form and paste a prompt, you can build this.

You've got this - paste the first prompt and let the interview tailor the tool to your team.

Gated download

Enter your email — the plan downloads instantly and a copy lands in your inbox.

By submitting your email you'll also receive the weekly runbookify newsletter. You can unsubscribe at any time.