Operator: private rendered demand board at /__operator/wishes#438
Merged
Conversation
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
The raw wish feed at /api/wishes is deliberately public (a demand beacon) and the paid demand-radar tool sells the analysis on top. The operator still wants a glanceable strategic read of the same data without standing up a public dashboard that would give that intelligence away for free. This adds that view behind the existing operator token. New src/operator-wishes.js renders the full board, ranked, every cluster including single-source and below-threshold ones, with the qualification verdict spelled out per row (qualified / single-source / held / below) plus a summary split. Wired at GET /__operator/wishes with the same 404-gate as /__operator and /__operator/leads (timing-safe AGENT402_OPERATOR_TOKEN via Authorization: Bearer / X-Operator-Token header or ?token= magic-link, which the page strips from the URL on load). Linked from the operator dashboard nav. robots.txt also disallows /__operator now. The path already 404s without the token, so this is belt-and-suspenders to keep well-behaved crawlers from probing it at all. The aggregate's text field is pre-escaped by getWishesAggregate, so the page inserts it without re-escaping; a double-escape test guards that. Tests: scripts/test-operator-wishes.js (verdict rendering, operator sees unqualified rows, no double-escape, not-public labelling, robots disallow, empty state). Manually verified the live gate: 404 without/with-wrong token, 200 with the right token. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
MikeyPetrillo
marked this pull request as ready for review
July 18, 2026 02:27
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds the rendered demand-board view, kept operator-only on purpose.
Why private
The raw feed at
/api/wishesis deliberately public (a demand beacon that pulls sellers in), and the paiddemand-radartool sells the analysis layer on top. A polished public demand dashboard would give that strategic intelligence away for free and cannibalize the paid tool. So this view lives behind the operator token, not on a public route.What
src/operator-wishes.js: the full board, ranked, every cluster including single-source and below-threshold ones the public feed never shows ranked, with a per-row qualification verdict (qualified / single-source / held / below) and a summary split (at-threshold, qualified, held).GET /__operator/wishes, gated by the same timing-safeAGENT402_OPERATOR_TOKEN404-gate as/__operatorand/__operator/leads(Authorization: Bearer / X-Operator-Token header, or ?token= magic-link that the page strips from the URL on load). Linked from the operator dashboard nav.robots.txtnow disallows/__operator. The path already 404s without the token; this is belt-and-suspenders so well-behaved crawlers never probe it.Verification
Booted locally: 404 without a token, 404 with a wrong token, 200 with the right token rendering real seeded data. Offline test
scripts/test-operator-wishes.jscovers verdict rendering, operator visibility of unqualified rows, no double-escaping of pre-escaped text, the not-public labelling, the robots disallow, and the empty state. Existing robots-policy and discovery tests still green.Note: this does not change the public exposure of
/api/wishesitself. If you want the raw public feed restricted or trimmed too, that is a separate product decision (it is linked from llms.txt / SEO and is the free tier the paid tool sits above) and can be a follow-up.🤖 Generated with Claude Code