CHATBOTS
Agentic WAF Investigator with Discord Approval Gate
An autonomous agent investigates a Discord-reported WAF block end to end: pulls Cloudflare logs, correlates with PagerDuty incidents, decides if an allowlist is safe.
How it runs
The automated pipeline, trigger to output.
- TriggerInvestigation request in DiscordDiscord
- ActionFetch event and rule matches from CloudflareCloudflare
- ActionCheck PagerDuty for active incident on pathPagerDuty
- LogicReason and draft allowlist or decline
- OutputPost draft to Discord for human approvalDiscord
- ActionOn approval, file change ticket in LinearLinear
What it does
Hands a full WAF investigation to an agent. From a single Discord report it gathers the Cloudflare firewall event, checks PagerDuty for any active security incident on the same path, reasons about whether an allowlist is safe, and proposes a scoped rule. A human approves in Discord before the Linear change ticket is created.
When to use it
Use it for higher-stakes blocks where context matters: you want the bot to actively rule out an ongoing attack before recommending a bypass, not just pattern-match a single event. The Discord approval gate keeps a human in the loop.
How it works
- 1A WAF investigation request in Discord triggers the agent.
- 2The agent fetches the firewall event and recent matches for that rule from Cloudflare.
- 3It queries PagerDuty to confirm no active incident targets the same endpoint.
- 4The agent reasons over the evidence and drafts either a scoped allowlist or a decline with rationale.
- 5It posts the draft to Discord and waits for an explicit human approval reaction.
- 6On approval, it files the change as a Linear issue and links it back in Discord.
Set it up
What you configure once, before turning it on.
- 1Connect DiscordCommunity channels + voice + bots.
- 2Connect CloudflareWorkers, Pages, R2, KV — the edge stack.
- 3Connect PagerDutyIncidents, on-call, escalations.
- 4Connect LinearIssues, projects, cycles, triage.
- 5Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
- 6Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
- 7Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.
More Chatbots workflows
Discord WAF False-Positive Triage from Ray ID
When a user posts a Cloudflare ray ID in a Discord support channel, the bot looks up the blocked request's WAF event, classifies whether it looks like a genuine false positive.
Discord Onboarding Completion to CRM Sync
The moment a member finishes Discord onboarding, captures their submitted profile answers, creates or updates a contact in HubSpot.
Draft WAF Allowlist Proposal to Linear from Discord Report
Lets a support engineer confirm a Discord WAF report is a false positive, then auto-drafts a scoped Cloudflare allowlist rule proposal and files it as a Linear ticket…
Discord FAQ Free-Text Answer Grader
When a member submits a free-text answer in their onboarding thread, an agent grades it against the canonical FAQ knowledge base, replies with targeted feedback.
Discord FAQ-Gated Role Concierge
Greets each new Discord member in a private onboarding thread, walks them through required FAQ steps one at a time.
Slack /rollback Concierge with Approval Gate and Audit Trail
An operator types /rollback <project> in Slack; the bot pins the current Vercel deployment, requests a peer approval.
Run it inside a business
This workflow drops into a full company template. Import the org, and this is one of the playbooks its agents run.
Run this workflow in your colony.
14-day trial. No DevOps. No Sales call. Provisioned in under a minute.