
FullAgenticStack WhatsApp-first Anti-Patterns: A Reference Handbook
Organized by Category and Severity

Severity Legend:
🔴 CRITICAL: Blocks deployment. Risk of fraud, financial loss, or legal violation.
🟠 HIGH: Severely degrades experience. Requires priority fix.
🟡 MEDIUM: Moderate impact. Should be addressed in future sprints.
🟢 LOW: UX improvement. Non-blocking.

1. SECURITY & TRUST (8 anti-patterns)

🔴 AP-01: Ignoring Anti-Fraud
Phone number provides implicit identity, not perfect authentication. Risky actions require progressive friction.
Example: Someone with the customer's WhatsApp (stolen phone, cloned chip) requests address change. System accepts just because "it's the customer's number".
Effect: Diverted delivery + fraud.

🔴 AP-02: Sensitive Data in Plain Text
CPF, credit card, medical prescription — all stored without encryption/redaction.
Signal: Complete log exposes PII without protection.

🔴 AP-03: Weak Confirmation (yes/no) Without Object Binding
"Yes" without tying to order/action becomes ambiguity and fraud.
Example: User responds "yes"
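One way to give a confirmation the object binding AP-03 asks for, as an added example that is not code from the handbook: each prompt carries a short single-use code tied to one action on one object, and a bare "yes" resolves to nothing. The class name, the 4-digit code format and the 5-minute lifetime are assumptions; the code binds a reply to an object and is not a substitute for the progressive friction AP-01 calls for.

```python
import hmac
import re
import secrets
import time

TTL_SECONDS = 300  # assumed lifetime of a confirmation prompt


class Confirmations:
    """Pending confirmations, each bound to one action on one object."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.pending = {}  # sender -> {code: (action, object_id, expires_at)}

    def request(self, sender, action, object_id):
        """Register a pending action and return (code, prompt text)."""
        slots = self.pending.setdefault(sender, {})
        code = f"{secrets.randbelow(10_000):04d}"
        while code in slots:  # codes must be unique per sender
            code = f"{secrets.randbelow(10_000):04d}"
        slots[code] = (action, object_id, self.clock() + TTL_SECONDS)
        return code, f"Reply {code} to confirm: {action} on {object_id}"

    def resolve(self, sender, reply):
        """Return (action, object_id) if the reply names a live code, else None."""
        slots = self.pending.get(sender, {})
        now = self.clock()
        for code in [c for c, v in slots.items() if v[2] <= now]:
            del slots[code]  # expired prompts can no longer be confirmed
        match = re.fullmatch(r"\s*(\d{4})\s*", reply)
        if not match:
            return None  # bare "yes"/"ok" names no object: re-prompt instead
        for code in list(slots):
            if hmac.compare_digest(code, match.group(1)):
                action, object_id, _ = slots.pop(code)  # single use
                return action, object_id
        return None
```

When `resolve` returns `None`, the caller should send a fresh prompt that names the order and action again; it should never guess which pending item the user meant.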



