# Review a sudden spike in negative reviews

> Compare a bounded low-rating window with a verified baseline, identify concentrated sellers or listings, and return evidence for a human incident decision.

## Agent adaptation contract

- Canonical human page: https://agentry.sh/workflows/review-bomb-detection
- Execution mode: human_review
- Immutable automation template: none
- Applies to: marketplace, ecommerce, content-media
- Required example events: review_submitted
- Required Agentry resources: analytics, deploys
- Do not use when:
  - Do not use until the example events are mapped to observed project signals, the current onboarding state is verified, and live event/property reads prove the required data is present.
  - Do not automatically send, publish, suppress, mutate, or contact anyone from this workflow.
- Ask before using:
  - Which observed events map to review_submitted? Is the current onboarding state verified, and do live event/property reads show non-synthetic traffic for them?
  - Which live properties provide review_submitted.rating, and which stable user or account identifier joins the signals?

This is an adaptable workflow example, not an API recipe. Map event and property names to the project's saved signal map, require status: "verified" from GET /v1/projects/:project_id/onboarding, and confirm the required signals through live event/property metadata and rows. Fetch current OpenAPI or query-blueprint details before making calls. Do not infer unattended authority from this page.

## Why this matters

A burst of one- and two-star reviews can indicate coordinated abuse, a seller
quality problem, or a product regression. The multiplier alone is not enough:
a change from one review to three looks dramatic but may be noise. A useful
review includes the absolute count, historical baseline, concentration, sample
window, and nearby deploys.

## Run the review

First prove the telemetry exists:

```text
GET /v1/projects/:project_id/event-names
GET /v1/projects/:project_id/event-property-keys?events=review_submitted
GET /v1/projects/:project_id/onboarding
# Require status: "verified"; use live event/property reads for the selected signals.
```

If `review_submitted.rating` is missing or partial, report that gap instead of
calculating a rate. Otherwise, in the interactive owner session, fetch the
filtered schema for `POST /v1/projects/:project_id/analytics/query` and run a
bounded custom analysis that returns:

- low-rating count for the current 15-minute window;
- comparable 15-minute buckets across the prior seven days;
- median and upper-percentile baseline, not only an average;
- counts by `seller_id` and `listing_id` with minimum sample sizes;
- recent deploys that overlap the start of the spike.

Do not include full review text by default. If text is needed to distinguish
abuse from a fulfillment failure, sample the minimum necessary rows and keep
them in the owner-controlled session.

## Output format

```text
Negative-review review — <UTC window>

Current low ratings: <count>
Historical median per 15m: <count>
Historical p95 per 15m: <count>
Multiplier vs median: <value>
Evidence quality: <answerable | partial | missing>

Concentration
- <seller/listing> — <count> — <share> — <minimum sample met?>

Possible explanations
- <hypothesis> — <supporting evidence> — <contradicting evidence>

Human decisions
- investigate abuse / fulfillment / deploy regression / keep observing
```

A human decides whether to contact support, pause a listing, roll back a
release, or share the report. This workflow grants none of those actions.

## Instrumentation

Send review creation from the trusted application server:

```ts
await fetch("https://api.agentry.sh/v1/analytics/", {
  method: "POST",
  headers: {
    "Authorization": `Bearer ${process.env.AGENTRY_SERVER_API_KEY}`,
    "Content-Type": "application/json",
    "User-Agent": "marketplace/1.0",
  },
  body: JSON.stringify({
    event: "review_submitted",
    distinct_id: reviewer.id,
    properties: {
      rating: review.rating,
      seller_id: review.seller_id,
      listing_id: review.listing_id,
    },
  }),
});
```

## Unattended boundary

No current versioned automation template grants generic HogQL, raw review
access, messaging, or listing mutation. Keep this analysis on demand until a
narrow immutable server-owned source and matching policy exist.

## Variations

- *"Compare low-rating concentration by seller tenure."*
- *"Cross-reference the spike with disputes and fulfillment failures."*
- *"Compare the first hour after the latest deploy with its prior-period baseline."*
- *"Draft an incident summary for a trust lead to review; do not send it."*
