AI orchestrator

Custom playbooks

Tenant-specific playbooks the orchestrator tries before the built-in registry. A custom playbook describes match rules (title / category / framework / MITRE / resource attributes), the evidence gatherers to run, and a prompt addendum the LLM gets when this playbook fires. Author a starter spec below.

New playbook

Server-validated by Zod. Invalid specs are rejected with a clear error. The built-in registry is always tried after yours, so the worst case is "no custom rule matched."

Tenant playbooks (0)

Ordered by priority asc. 0 enabled · 0 disabled.

No custom playbooks yet

Author one above. Until you do, the orchestrator uses only the built-in registry.

Playbook spec (JSON)

All match clauses AND together; within a list-typed clause, entries OR. The evidence field accepts only the allowlisted gatherer ids. systemPromptAddendum is spliced verbatim onto SYSTEM_PROMPT when this playbook matches — cite your runbooks, internal escalation paths, Slack channels.

Priority Lower runs first. Built-ins are at 1000 — anything < 1000 wins.