Conversation
Co-authored-by: Ryan Vogel <ryan@inbound.new>
|
Cursor Agent can help with this pull request. Just |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
| deliveryFailures, | ||
| failedSends, | ||
| uniqueFailedRecipients, | ||
| topRejectedDomainCount: uniqueFailedRecipients, |
There was a problem hiding this comment.
Domain risk profile uses wrong metric for rejection concentration
Medium Severity
In runDomainCommand, topRejectedDomainCount is set to uniqueFailedRecipients (count of distinct failed recipients), but buildRiskProfile uses this value to detect whether rejections are concentrated on a single recipient domain (checking topRejectedDomainCount / rejectionEventTotal >= 0.6). The other two call sites in listTenantInsights and runAccountCommand correctly pass topRejectedRecipientDomains[0]?.count || 0 — the event count for the single most-rejected domain. This mismatch causes the domain command to produce incorrect risk scores, potentially triggering or missing the concentrated_recipient_domain_rejections flag.
Additional Locations (1)
Co-authored-by: Ryan Vogel <ryan@inbound.new>
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
There are 2 total unresolved issues (including 1 from previous review).
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
| } else { | ||
| awsError = `${getErrorName(error)} ${getErrorMessage(error)}`; | ||
| } | ||
| } |
There was a problem hiding this comment.
Suppression command ignores withAws flag, always calls AWS
Low Severity
runSuppressionCommand always creates a SES client and calls GetSuppressedDestinationCommand regardless of the --with-aws flag. Every other command gates AWS calls behind input.withAws. This inconsistency means running the suppression command without --with-aws (and without AWS credentials) will always attempt and fail an AWS call, adding latency and producing a potentially confusing awsError in the output.
2 participants
Adds an internal CLI (
bun run investigate) for agents to investigate account, domain, tenant, and suppression issues using Neon DB and AWS data.This CLI provides subcommands for
overview,tenant,account,domain, andsuppression, incorporating shared risk scoring and optional AWS SES enrichments to help identify abuse patterns and service misuse.