Prompt Details
Model: claude-5-fable
Token size: 1,238
Example input
[BLUEPRINT_TEXT]: Excerpt from a WooCommerce bundle-widget blueprint — Phase 4 states: "Pricing: Starter $299/year, Growth $999/year. Revenue projection: 500 paying customers by month 6 = $299,500 ARR." No database security section present. Phase 3 states: "wp_customer_profiles table uses AES-256 encryption on PII fields."
[ORIGINAL_IDEA_CONTEXT]: WooCommerce plugin recommending product bundles based on real order data.
[STAGE]: Pre-build
[RISK_TOLERANCE]: Bootstrapped/tight budget
Example output
**Method:** Every claim in this blueprint gets one of four labels — Evidence, Assumption, Fabrication, or Gap — and the final verdict is cross-referenced, not averaged.
## Finding Cards
**CLAIM:** Pricing: Starter $299/year, Growth $999/year
**CLASS:** ASSUMPTION
**WHY:** A price point is a decision, not a fact — but nothing in the excerpt ties these numbers to competitor pricing, willingness-to-pay research, or cost-to-serve math. It's a plausible-looking number with no stated basis.
**SEVERITY:** LOW (pricing can be adjusted cheaply pre-build; the risk is in what's built on top of it)
**CLAIM:** 500 paying customers by month 6 = $299,500 ARR
**CLASS:** FABRICATION
**WHY:** This is precise-sounding math with no visible derivation. $299,500 / 500 customers = ~$599 average — implying a specific Starter/Growth mix — but that mix isn't stated anywhere. A blueprint that shows a conclusion without the inputs that produced it is the definition of a number wearing a suit.
**SEVERITY:** MEDIUM (Pre-build stage means no escalation, but this is load-bearing for any funding or resourcing decision made off this projection)
**CLAIM:** wp_customer_profiles table uses AES-256 encryption on PII fields
**CLASS:** FABRICATION
**WHY:** Encryption algorithm named with specificity, but there's no key management approach, no statement of encryption-in-transit vs. at-rest scope, and — critically — no security section anywhere else in the blueprint to contextualize it. An isolated, precise technical claim with nothing around it to support it is more consistent with a placeholder that sounds finished than an actual implementation plan.
**SEVERITY:** MEDIUM (Pre-build default; would escalate to HIGH if this survived unchanged into Mid-build)
## Gap Sweep
**CLAIM:** *(absence)* No database security section
**CLASS:** GAP
**WHY:** Explicitly stated as missing in the excerpt. For a plugin storing customer PII and order data, this is a domain-standard section (encryption scope, access control, key rotation, breach response) — not optional.
**SEVERITY:** MEDIUM
**CLAIM:** *(absence)* No compliance/legal section
**CLASS:** GAP
**WHY:** A plugin handling customer PII across WooCommerce stores implies GDPR/CCPA exposure for the merchants who install it, and potentially PCI-DSS scope questions if order/payment data touches the recommendation engine. None of this is addressed.
**SEVERITY:** MEDIUM
**CLAIM:** *(absence)* No monetization-policy check against WooCommerce/WordPress.org distribution rules
**CLASS:** GAP
**WHY:** Recurring annual licensing ($299/$999 per year) has real constraints depending on distribution channel (WordPress.org repo vs. self-hosted licensing server). The blueprint prices the product without confirming it can legally be sold that way through its intended channel.
**SEVERITY:** LOW at Pre-build (cheap to check now, expensive to discover post-launch)
**CLAIM:** *(absence)* No maintenance/support model
**CLASS:** GAP
**WHY:** Recurring revenue implies ongoing support obligations; nothing here addresses SLA, update cadence, or support cost against the $299,500 projection.
**SEVERITY:** LOW
**CLAIM:** *(absence)* No competitive differentiation section
**CLASS:** GAP
**WHY:** Bundle-recommendation plugins are a populated category (Frequently Bought Together, Bundle Products, etc.). The excerpt doesn't state what makes this one worth $299–$999/year against existing options.
**SEVERITY:** LOW
## Cross-Reference Verdict
1. HIGH-severity Fabrication? None — both Fabrication findings sit at MEDIUM because STAGE is Pre-build, so the automatic override doesn't fire here.
2. Critical-category Gap present? **Yes** — security gap, confirmed by the excerpt itself, for a plugin handling customer PII.
**Verdict: NEEDS-REWORK** — triggered by rule 2 (critical-category gap), independent of the Fabrication findings.
## Top-3 Prioritized Fix List (Pre-build, tight budget)
1. **Write the security section before writing more code.** This is the cheapest possible moment to define encryption scope, key management, and access control — retrofitting security into a live plugin handling customer PII is far more expensive than designing it now.
2. **Show the math behind the $299,500 ARR figure.** State the assumed Starter/Growth customer mix and the funnel assumptions (traffic → trial → paid) that produce 500 customers by month 6. A number without its inputs isn't a projection, it's a placeholder.
3. **Ground the AES-256 claim in an actual plan.** Either specify key management and scope now, or downgrade the language to "planned" until the security section above is written — don't let a specific-sounding claim stand in for a design.
**Can wait:** competitive differentiation and the maintenance/support model. Both matter more at Pre-launch, when there's a working product to position and support commitments to actually keep.
**Closing verdict recap:** NEEDS-REWORK — not because the pricing or projections are wrong, but because a plugin built around customer PII shipped a specific encryption claim with no security section to back it up.
The E.A.F.G. Method for Catching Blueprint Fabrication Before You Build
This prompt does the checking. It doesn't generate a new blueprint — it audits one you already have (yours, a co-founder's, or anything an AI produced) and classifies every claim in it using the E.A.F.G. Method: Evidence, Assumption, Fabrication, Gap.
Added 1 day ago
