
NuroPicks System-Wide Scaling Audit

Author: Kai, 2026-04-17

Scope: 13 subsystems, 4 scaling tiers (50 to 100k users), self-improvement loop spec, 30/60/90 day plan.

Executive summary: The product surface is unusually mature for a pre-revenue platform. Web (44 URLs) and Discord bot (46 commands) are both deployed and type-safe. The real risk concentration sits in three places, ranked by launch-blocking severity:

  1. Persistence layer is in-memory. Every bot restart wipes user bankrolls, bets, streaks, XP, funnel events, and academy progress. The Postgres schema is drafted but not wired. This is the single biggest gap between "polished demo" and "platform."
  2. No money is flowing and no money can flow. Whop + NOWPayments webhook routes are scaffolded but inert. Wyoming LLC is not filed, which blocks NOWPayments KYC and legal review. Domain ownership, EIN, and the $59/mo Odds API key are all also outstanding pre-spend.
  3. Compliance has no attorney on the clock. 21+ gating, 1-800-GAMBLER, and /self-exclude are all present on the surface, but /terms and /privacy have not been reviewed by a sports-betting-adjacent lawyer. Every state NuroPicks accepts traffic from has its own rules and zero of them have been individually audited.

Everything below assumes David closes those three gaps in the first 30 days. The audit + scaling plan + self-improvement loop spec then follow.


1. Gap Audit

Rating legend: PR production-ready, NW needs-work, MX missing.

| Subsystem | Status | Evidence | Recommended next action | Owner |
|---|---|---|---|---|
| Web app (Next.js 15, React 19) | PR | 44 URLs in sitemap.ts, tsc clean, Vercel auto-deploy every phase-13 cycle, PageStructuredData (FAQ + Breadcrumb + BlogPosting + DefinedTermSet) on 7+ pages, 207-term glossary, 6 blog posts, 5-competitor /compare, /compare/pikkit, /for-cappers, /for-teams, /methodology, /nfl-draft, /nba-playoffs, /book-limits | Wire real Odds API data to /picks/[sport] pages; they render fake data today. Add OG images (scripted via Nano Banana pro). | Kai |
| Discord bot (discord.js 14.26.3) | NW | src/bot/index.js loads 46+ slash commands, events, health server, odds-feed stub. Guild 1493431898049876140. Deployed to Railway per LAUNCH_CHECKLIST step 3, token still needs rotation (exposed 2026-04-17). Health endpoint live. | Rotate DISCORD_BOT_TOKEN in Developer Portal, set via railway variables --set, verify /health 200. Block flag. | David + Kai |
| Persistence (Postgres + Redis) | MX | db/schema.sql exists (users, profiles, picks, bets, exclusions, daily_claims, academy_progress, funnel_events, cappers, capper_picks, capper_follows) but nothing in src/bot/services/db.js actually writes to Postgres yet. All state is in-memory Sets/Maps. Bot restart = data wipe. | Stand up Neon (pooled + direct URLs), run schema.sql, replace in-memory store in /daily, /bet, /profile, /quiz, /funnel, /self-exclude, /accounthealth with pg queries. 2 weeks eng. Blocks launch. | Kai |
| Picks pipeline (AI core) | NW | src/bot/services/odds-feed.js scaffolded, no-ops without ODDS_API_KEY. /picks, /potd emit hardcoded stubs today, already ship Why-this-pick 4-factor block + Quarter-Kelly per-user stake sizing. XGBoost scorer is a random-1-to-5 stub. No historical data ingestion yet. | Step 1: buy Odds API key ($59/mo). Step 2: wire feed -> store. Step 3: ingest 90 days historical odds + results. Step 4: train XGBoost v0, flip PICKS_MODE=hybrid. ~4 weeks. | Kai |
| Payment rails (Whop + NOWPayments) | MX | Webhook endpoints planned at /api/whop/webhook + /api/nowpayments/webhook, neither built. No products created on either platform. Both accounts require LLC docs + domain email. | File LLC first, get EIN, register hello@nuropicks.com, then create products (Pro $29.99, Elite $79.99, Founding Elite), wire webhook handlers with HMAC verify. Gate behind feature flag until $1 test refund passes. | David (accounts) + Kai (code) |
| Research publisher cron | PR | scripts/research-publisher-tick.ps1 fires every 2h, drains RESEARCH_PIPELINE.md (currently 50+ queued items, 10+ published). Channel map resolved. Lockfile + PID liveness + stale-lock detection + _alerts.md silent-failure queue all working. | Schedule FAQ auto-sync (cron entry pending David approval). Wire cron to refresh channel map when new Discord channels are added. | Kai |
| Phase-13 dev loop cron | PR | scripts/nuropicks-loop-tick.ps1 every 15 min (currently 45 min cadence after auto-tune). 13 phases per cycle. GAPS.md as single-source-of-truth. Auto-commit per phase group, auto-deploy via vercel --prod --yes at end of cycle. Silent-failure queue. Cadence auto-tune. Extensive IMPROVEMENT_LOG record shows 20+ gaps closed. | Add cross-repo memory import so lessons from MGT/Check Up loops flow in. Add CLV-retraining-trigger phase (see Section 3). | Kai |
| Imagery + SEO | NW | 44-URL sitemap, robots.txt, metadataBase, schema.org JSON-LD on 7+ pages, FAQPage + Breadcrumb + BlogPosting + DefinedTermSet, 40-80 word AEO blocks in progress via research publisher. OG images MISSING across nearly every route. | Batch-generate OG images via Nano Banana pro (1 ship, ~30 images). Wire into next/metadata. Submit to GSC + Bing Webmaster after domain routes. | Kai |
| B2B tenant layer (Bet On Command framework) | MX | /for-cappers + /for-teams landing pages shipped. /apply/capper form wired. CAPPER_OUTREACH_PLAYBOOK.md drafted. Pricing ladder: Solo $100/mo, Team $200/mo, DFY $800 setup + $300/mo. Zero tenants. No multi-tenant data isolation, no per-tenant dashboards, no white-label theming, no group permissioning, no Brand Engine. | 6 weeks engineering for first B2B tenant per BOC memory. Pre-reqs: Postgres live, Whop teams plan wired, org-scoped auth. Scope a v0 that ships ONE tenant with manual provisioning. | David (sales) + Kai (eng) |
| Compliance / Responsible Gambling | NW | 21+ footer on every page + every embed, /self-exclude + /accounthealth bot commands live, /responsible-gambling page with 1-800-GAMBLER banner + 8 warning signs + 4 bot tools + 4 external resources, age-gate #age-verify channel + role. LLC NOT FILED. Legal review NOT DONE. No per-state eligibility check. No attorney-signed /terms or /privacy. No data-export (GDPR/CCPA) flow. | File WY LLC ($100) + registered agent ($125) + EIN. Budget $500-1500 for attorney review of /terms, /privacy, age-gate logs, capper-marketplace disclosures. Blocks Elite tier. | David |
| Monitoring | NW | /api/health (web) + bot /health endpoints return 200. Phase-13 silent-failure alerts queue into _alerts.md and surface to Discord next tick. Log rotation 7-day retention. NO Sentry. NO UptimeRobot. NO dashboarded SLOs. | Sign up Sentry free tier, add DSN to Vercel + Railway, wire Sentry SDK into web/src/instrumentation.ts + src/bot/services/sentry.js (both scaffolded). UptimeRobot ping /health every 2 min, alerts to David email + Discord webhook. | Kai |
| Academy + quizzes | NW | COURSE_CURRICULUM.md 18-module spec (6 free, 6 Pro, 6 Elite). Publisher has shipped M1-M6 Discord embeds autonomously (entire Free tier). 13 /quiz modules live in bot (basics + bankroll + odds + strategy + responsible + embed + lineshop + market + clvmath + kelly + parlays + markettypes + linemove). academy_progress table drafted, not wired. | Ship M7-M12 publisher embeds (Pro tier) over next 2 weeks via cron. Extend quiz surface beyond 13 modules once persistence lands. Tie passing quiz to Whop tier role. | Kai |
| Capper marketplace | NW | /capper-marketplace web page + CAPPER_VERIFICATION.md spec shipped (85/15 split, 3 tiers: Listed / Verified Sharp / Elite, 200+ picks + 90-day audit requirement). cappers + capper_picks + capper_follows tables drafted. Zero cappers listed. No audit tooling. No payout pipeline. | Gate on Postgres going live. Then build /apply/capper intake -> admin-review Discord channel -> verification workflow (manual at first, automate CLV calc from bet-tracking). Mar + Glizzy as first two listed internally. | David (outreach) + Kai (tooling) |
| Logging + audit trail | NW | .loop-logs/ and .research-logs/ capture tick output with 7-day retention. No structured application log. No bet audit trail. No capper-audit log. | After Postgres lands, add audit_events table (actor, action, target, diff, ts). Write from bot + web on every mutation. Feeds capper verification + RG compliance + dispute resolution. | Kai |

Subsystem count: 14. Critical blockers: persistence, payment rails, LLC/legal.


2. Scaling Plan

Cost ranges are USD monthly. Engineering weeks assume a single-operator build cadence (David + Kai, no external hires). Compliance estimates assume US-only traffic with state-by-state geofencing.

Tier 1: 50 users (soft launch, weeks 0-4)

This is where we are right now plus the three blockers closed.

Infra:

  • Vercel hobby -> pro if needed ($0-20/mo)
  • Railway bot container ($5-20/mo, free tier enough for 50 concurrent users)
  • Neon free tier Postgres ($0, 500MB + 3GB compute-hr/mo is plenty)
  • Upstash Redis free tier ($0, 10k commands/day)
  • The Odds API starter plan ($59/mo)
  • Claude API via NuroPicks-scoped key ($20-80/mo at this user count)
  • Sentry free tier ($0, 5k errors/mo)
  • UptimeRobot free tier ($0)
  • Google Workspace 1 seat ($7/mo)
  • Nano Banana Gemini pro (~$5-15/mo metered)

Monthly recurring: $100-200/mo. One-time launch: $550-850 (LLC $100 + registered agent $125 + domains yr1 $150 + legal review $500-1500 if David elects it).

Engineering weeks: 2-3 to close persistence + Whop webhook + Sentry + UptimeRobot. Most scaffolding already in tree.

Compliance / legal: file WY LLC, get EIN, budget attorney review before charging for Elite tier. Hard block on Elite launch.

Biggest bottleneck: David's manual blockers (LLC, domains, Odds API purchase). Kai cannot ship past these.

Tier 2: 1,000 users (growth, months 1-3)

Paying Pro + Elite subs growing from 0 to ~50-150. Bot activity jumps 20x. Most web traffic is SEO + referral from build-in-public.

Infra changes:

  • Vercel Pro ($20/mo, required for team + analytics)
  • Railway from Trial to Pro ($20/mo floor + metered, ~$50-100/mo at this scale)
  • Neon scale plan ($19/mo minimum + compute, ~$30-60/mo)
  • Upstash Redis pay-as-you-go (~$5-15/mo)
  • The Odds API at starter or next tier ($59-149/mo, flip tiers based on book coverage need)
  • Claude API usage grows to $200-500/mo (research publisher + AI picks narrative + in-bot explainers)
  • Sentry paid tier if error volume crosses free ($26/mo)
  • Beehiiv free tier for daily-pick email (can handle 2,500 subs free, paid later)
  • HeyGen + Opus Clip for video ($57/mo, per social-plan spec)

Monthly recurring: $500-900/mo.

Engineering weeks: 4-6.

  • BullMQ migration of onboardingNudges + scheduled posts (was setTimeout, survives restart)
  • Funnel persistence into Postgres (currently Set-in-memory)
  • XGBoost training pipeline (historical odds + results ingest, v0 model)
  • Sentry + UptimeRobot wiring (if not already done at Tier 1)
  • Whop + NOWPayments production flows (test + real refund)
  • Programmatic SEO for player-prop + game-prediction pages (target: +500 URLs, eng budget 2 weeks)

Compliance / legal:

  • Per-state eligibility gate (geofence 8 legal states at minimum)
  • Data-export endpoint (one-shot script OK at this scale, automate later)
  • Age-gate log with Discord user ID + timestamp stored for 7 years
  • First Responsible Gambling escalation playbook (when /accounthealth flags <70, auto-DM RG resources)

Biggest bottleneck: customer support. At 1k users with real bets getting settled, disputes + refund requests + bug reports need a dedicated inbox + Discord mod rotation. David does not want to handle this himself. Budget a part-time mod ($10-15/hr, 10-20 hrs/week) or Glizzy + Mar rotate.

Tier 3: 10,000 users (scale, months 4-12)

Paying subs 500-1500. B2B tenant layer live with 5-20 capper groups. Discord guild hits 10k members.

Infra changes:

  • Vercel Enterprise or stay Pro with metered bandwidth ($20-200/mo depending on traffic)
  • Railway Pro with dedicated instance (~$200-500/mo, horizontal scale for bot)
  • Neon Scale tier ($69/mo + compute, ~$150-400/mo)
  • Upstash Redis Pay-as-you-go (~$50-150/mo)
  • The Odds API Pro plan ($199-499/mo for more books + higher rate limit)
  • Claude API usage ~$1000-3000/mo (narrative generation for picks, capper auto-audit, in-bot AI explainers, research publisher)
  • XGBoost model serving moves off in-process to Modal.com or Fly.io ($50-200/mo)
  • Beehiiv paid ($49/mo at 10k list size)
  • Cloudflare R2 or S3 for OG image + pick-screenshot archive ($5-30/mo)
  • PagerDuty or BetterStack for on-call ($0-40/mo)

Monthly recurring: $2,000-5,000/mo.

Engineering weeks: 12-20.

  • Multi-tenant data layer (group_id FK on every table, row-level security)
  • White-label theming (per-tenant subdomain + logo + color tokens)
  • Group permissioning (admin / capper / member roles inside a tenant)
  • Brand Engine: AI Discord-server-generator for new capper brands
  • Per-tenant billing via Whop teams plan + NOWPayments
  • Capper audit automation (CLV calc from bet-tracking, flag tool for touts, auto-delist at 2x 90-day <0% CLV)
  • Arbitrage scanner (Elite tier, per ARBITRAGE_RESEARCH.md Phase 1 spec)
  • Parlay builder with DK/FD/MGM deep-links
  • iOS + Android wrappers (PWA first, native later if warranted)
  • Beehiiv daily-pick pipeline wired to Postgres

Compliance / legal:

  • Full attorney retainer (~$500-1500/mo) for ongoing state-by-state compliance review
  • W-2G prep + tax-reporting education for users (Module 17 Elite)
  • B2B MSA template for capper Done-For-You deals (attorney-reviewed)
  • Per-state legal opinion as new states open (NY, PA, NJ, AZ, MI, CO, IL, VA baseline)
  • SOC 2 Type I prep starts here if any B2B tenant asks (and they will)
  • Privacy annual audit (CCPA minimum; GDPR if EU traffic)

Biggest bottleneck: the picks pipeline accuracy. At 10k users the AI model's CLV is the product. If the XGBoost v0 is under +1% CLV on closing line, churn spikes. Need a daily retrain pipeline + walk-forward validation + model-version rollback. See Section 3.

Tier 4: 100,000 users (platform, year 2+)

Paying subs 5k-15k. Capper marketplace with 200+ verified cappers. B2B tenant layer at 50-100 groups. ARR target $500k-2M+ per strategic direction memo.

Infra changes:

  • Vercel Enterprise with dedicated support ($300-2000/mo)
  • Railway replaced with Fly.io or AWS ECS for bot horizontal scale ($1500-5000/mo)
  • Neon Business or replaced with RDS Postgres + read replicas ($500-2000/mo)
  • Upstash Redis Business ($200-800/mo)
  • Dedicated Modal / Replicate for model serving ($500-2000/mo)
  • The Odds API Enterprise or OddsJam API partnership ($999-2500/mo)
  • Claude API + OpenAI fallback (~$5k-20k/mo)
  • Observability: Datadog or BetterStack Pro ($200-1000/mo)
  • CDN + WAF via Cloudflare Pro ($20-200/mo)
  • Email: Postmark or AWS SES ($50-500/mo)

Monthly recurring: $10,000-35,000/mo.

Engineering weeks: 40-80 (at this scale one operator is insufficient, assumes David has hired 1-2 engineers).

  • Full observability stack (traces, metrics, logs, SLOs, error budgets)
  • Chaos engineering + DR plan (bot failover, DB read-replica failover, Vercel regional fallback)
  • SOC 2 Type II cert
  • Native iOS + Android apps
  • Session-based BookSync (Path 3 from BOOKSYNC_INTEGRATION_RESEARCH) if economics still favor
  • Exchange integration (Novig, ProphetX, Kalshi)
  • Live in-play AI insights feed (parity with Hard Rock Bet)
  • Creator-model directory with public track records (defensive against Moddy)
  • Prediction-market cross-posting (Kalshi / Polymarket odds in pick embeds)
  • Multi-region deploy (at least US-East + US-West)

Compliance / legal:

  • In-house or fractional general counsel
  • Per-state license review for any state that has specific "betting consultation" licensing
  • KYC on capper payouts > $600/yr (1099 prep)
  • AML review for NOWPayments / crypto flow
  • SOC 2 Type II audit (~$40-80k one-time)
  • Per-state gambling helpline + self-exclusion registry integration
  • International expansion legal opinion if EU / CA / AU in scope

Biggest bottleneck: customer trust + regulatory response speed. At 100k users a single bad press cycle or state cease-and-desist can kill momentum. Pre-emptive compliance investment + published transparency (public CLV audit, published capper-disallowance list, published RG intervention count) is the moat. Engineering is solvable with money; trust is not.


3. Self-Improvement Loop Spec

3.1 Current state

Two crons working in concert:

Phase-13 dev loop (nuropicks-loop-tick.ps1)

  • 15-60 min cadence, auto-tuned per-cycle
  • 13 phases: SEO, security, design, AI-slop, bug hunting, competitor research, Discord infra, gamification, social, onboarding, KB, gap filling, self-improvement
  • GAPS.md is single source of truth; Phase 6 populates, Phase 12 ships, Phase 13 reconciles
  • Per-phase commit, per-cycle auto-deploy (vercel --prod --yes)
  • Silent-failure queue (_alerts.md) surfaces exit-non-zero to next successful tick
  • Cadence auto-tune: 8+ commits or 10+ substantive phases -> speed up, <=3 commits -> slow down

Research publisher (research-publisher-tick.ps1)

  • Every 2h
  • Drains RESEARCH_PIPELINE.md queue (50+ items, Academy modules + FAQ tiers + sportsbook explainers + RG resources + blog posts + per-sport markets)
  • Posts Discord embeds via direct discord.js (bot-token path, MCP-allowlist only covers #dev-chat)
  • Or edits/creates web markdown/components
  • Channel map resolved + persisted in RESEARCH_PIPELINE.md
  • Commits with short summary, lets next dev-loop cycle auto-deploy

What's working:

  • 20+ gaps closed over 72h via the loop
  • Academy Free tier (M1-M6) shipped end-to-end via cron, zero manual posting
  • Two-system division of labor: cron publisher owns rhythm content, dev loop owns code + gap reconciliation
  • IMPROVEMENT_LOG maturity: Phase 13 is detecting patterns across cycles + making cadence decisions
  • No secret leaks, no production outages, no deploy regressions

What's NOT yet working (today's blind spots):

  • No CLV-to-model feedback. Odds API is not live, so no ground truth on pick performance yet.
  • No user-behavior-to-product feedback. Funnel events are logged but not fed back into prioritization.
  • No A/B testing infrastructure. Every web copy + embed change is ship-and-hope.
  • No cross-product memory. Lessons from other MGT projects (Check Up, Holy, SP) do not flow in.
  • No external-signal ingestion on a schedule. Competitor research is manual-ish (Phase 6 sweeps when claude-session decides).
  • No cost budget guardrails. Claude API spend can spike silently if a phase runs hot.

3.2 Feedback loops to add

Six feedback mechanisms, ranked by ROI.

F1. CLV ground truth -> XGBoost retrain (P0, weeks 2-6 after Odds API live)

Every pick posted gets a posted_odds, a closing_odds (captured by a 30-sec pre-close cron), and eventually a result. That tuple produces two signals:

  • Pick-level CLV = closing_decimal / posted_decimal - 1
  • Pick-level W/L record vs model-predicted probability

Build a nightly cron (02:00 ET) that:

  1. Pulls all picks posted > 24h ago with settled results
  2. Computes rolling 30-day CLV + ROI + Brier score per model version
  3. If current model's Brier score degrades > 5% vs prior version, auto-rollback to prior version + ping David
  4. If >= 500 new settled picks accumulated, trigger walk-forward XGBoost retrain
  5. Deploy new model version behind PICKS_MODEL_VERSION flag
  6. First 7 days of new version picks emit at 50% volume + 50% prior version for A/B
  7. Decide winner after 7 days on CLV, close A/B, full cutover

Persistence: model_runs + pick_outcomes tables. Store model .pkl + feature-set in S3/R2 with version hash.

F2. User behavior -> product tuning (P0, weeks 4-8)

funnel_events already captures JOIN, DAILY_CLAIM, FIRST_BET, FIRST_CASINO, ACADEMY_START, ACADEMY_GRADUATE (Set-in-memory, needs Postgres). Once persisted:

  • Weekly Phase-13 sub-phase: "Funnel review" reads funnel_events, computes conversion rates between each event, flags any stage with drop > 50% week-over-week
  • Auto-populate GAPS.md with funnel-drop gaps so Phase 12 prioritizes fixing them
  • Example auto-insight: if JOIN -> DAILY_CLAIM rate drops from 40% to 20% week-over-week, GAPS.md gets "Welcome DM Step 2 CTA is losing new users" as P0

Also track:

  • Command usage frequency (which slash commands get used most, which never)
  • Embed click-through on Discord button components
  • Web page scroll depth + exit rate (Vercel Analytics free tier covers this)

F3. A/B test infrastructure (P1, weeks 6-10)

Minimum viable A/B:

  • experiments table with experiment_id, variant, start_ts, end_ts, sample_size, success_metric
  • Feature flag helper getVariant(user_id, experiment_id) that hashes Discord ID into buckets
  • Bot + web both call the same helper
  • Phase-13 sub-phase runs weekly, computes winner if sample >= 500, auto-picks winner, closes experiment

First A/B candidates:

  • Welcome DM Step 1 copy (current 3-embed flow vs 1-embed flow)
  • /potd pricing-cta placement
  • /pricing page headline
  • Embed color palette (Green primary vs Pink primary)
  • Quiz XP reward amount (50 vs 25 vs 100)

F4. Competitor auto-watch (P1, weeks 4-8)

Phase 6 currently runs when a claude session feels like it. Replace with:

  • scripts/fetch-intel.mjs script (already flagged in Phase 6 log) hits 8 competitor URLs every 12h
  • Diff vs prior snapshot, push any changed pricing / feature-list / tier / landing-copy signals into GAPS.md as candidate P1 gaps
  • No auto-ship, just auto-populate. Phase 12 decides what to build.

Covered competitors: OddsJam, Rithmm, Leans.ai, Pikkit, Moddy AI, Action Network Playbook, Hard Rock Bet, VSiN.

F5. Cost budget guardrail (P1, week 3)

Every claude -p invocation in nuropicks-loop-tick.ps1 currently unsets ANTHROPIC_API_KEY to force Max billing. Good.

Add:

  • CLAUDE_TOKEN_BUDGET_DAILY env var (default 500k tokens or cost equivalent)
  • scripts/budget-check.ps1 runs at tick start, reads today's token usage from Max plan dashboard (or estimated from log line counts)
  • If > 80% of daily budget, skip non-P0 phases this cycle
  • If > 100%, skip tick entirely + queue a "budget exceeded" alert

Also add per-phase token caps. A research phase should not burn 100k tokens in one go.

F6. Cross-product memory import (P2, weeks 8-12)

Memory files in C:/Users/Mgtda/.claude/projects/C--WINDOWS-system32/memory/ contain lessons across MGT projects. Phase 13 already reads last 3 IMPROVEMENT_LOG entries. Extend to:

  • Read any feedback_* memory file tagged with nuropicks or generic-engineering
  • Propose memory updates when NuroPicks learns a pattern worth saving (propose-only per feedback_skill_self_improvement rule)

3.3 How to measure "is the loop actually working"

Six metrics. Each reports into a weekly dashboard (web /admin/loop-health, viewable only by David).

| Metric | Target | Signal |
|---|---|---|
| Gaps closed per cycle | 1-3 per 24h | Velocity of continuous improvement |
| Gap open-to-close hours | median < 48h | Responsiveness of the loop |
| False-positive gap rate | < 10% | Phase 6 isn't fabricating |
| CLV of AI picks (30-day rolling) | > +1% closing line value | Model is getting sharper |
| Funnel conversion JOIN -> FIRST_BET | > 30% week-3 cohort | Product is getting stickier |
| Phase 5 tsc --noEmit errors | 0 | No regressions shipping |
| Cron tick success rate | > 97% | Infra stability |
| Auto-deploy success rate | > 95% | Vercel + build health |
| Claude spend vs revenue spend | < 15% of MRR by Tier 2 | Economics work |
| GAPS.md age distribution | 80% < 30 days | Not accumulating stale debt |

Two guardrails:

Guardrail A: the loop cannot close a gap it introduced. If commit X opens a gap and commit Y (< 24h later) closes it, it does not count for velocity. This prevents the loop from gaming its own metrics.

Guardrail B: human-in-the-loop signal. David (or Mar, or Glizzy) flags any of the cycle's ships as "not actually useful" via a /ops flag-ship commit:<sha> command. Flagged ships count against loop health. Goal is < 5% human-flagged per week.

3.4 Failure modes + safeguards

FM1. Runaway token spend. A claude session hits a recursion or infinite-research loop and burns through Max plan allowance. Safeguard: F5 cost budget guardrail + LOOP_PROMPT already enforces "one phase per tick" (changed to "full cycle per tick" 2026-04-18; re-tighten if spend spikes).

FM2. Bad auto-deploy breaks production. Phase 13 runs vercel --prod --yes at end of cycle. A typo in a copy change reaches nuropicks.com without review. Safeguards already in tree:

  • tsc --noEmit must pass before commit
  • vercel build must succeed before prod publish
  • NUROPICKS_SKIP_DEPLOY=1 kill switch

Additions needed:

  • Canary: deploy to preview URL first, ping /api/health, only promote to prod if 200 + no Sentry errors in first 60s
  • Rollback: vercel rollback snippet stored in scripts/emergency-rollback.ps1

FM3. GAPS.md drift (phantom gaps). Phase 6 hallucinates a competitor launch that didn't happen. Safeguards:

  • Phase 6 must cite a URL or timestamp for every new gap
  • Phase 13 reconciliation audits new gaps; flagged rows get removed with a log entry
  • F4 auto-watch replaces Phase 6's judgement with real scraped diffs

FM4. Model rollback loop. New XGBoost version degrades Brier, auto-rolls back, next retrain still worse, repeat. Safeguards:

  • Limit: max 1 rollback per 7 days
  • After 2 consecutive rollbacks, pause auto-retrain + page David
  • Require a clean feature-set diff before promoting

FM5. Legal / compliance regression. An autonomous copy change strips the 1-800-GAMBLER footer or introduces tout language. Safeguards:

  • Phase 4 grep already blocks on slop words + em dashes (0 false negatives 2026-04-18)
  • Add: Phase 4 greps every embed file for "1-800-GAMBLER" + "21+" + "not financial advice"; any missing footer blocks the commit
  • Add: Phase 4 greps for banned language: guaranteed, hammer, lock, insider, can't lose, risk-free
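A sketch of the FM5 commit gate, added here as an example and not taken from the Phase 4 script. It shows why a plain substring grep is the wrong tool for this list: "lock" would block every commit that mentions "block" or "lockfile", and a typographic apostrophe would let "can’t lose" through. File names and embed text are constructed.

```javascript
// Added example, not NuroPicks code. File names and sample text are constructed.
const REQUIRED_FOOTER = ['1-800-GAMBLER', '21+', 'not financial advice'];
const BANNED = ['guaranteed', 'hammer', 'lock', 'insider', "can't lose", 'risk-free'];

// Fold typographic apostrophes and hyphens so "can’t lose" and "risk‑free"
// are compared in the same form as the banned list.
function normalise(text) {
  return text.replace(/[\u2018\u2019]/g, "'").replace(/[\u2010\u2011]/g, '-');
}

function escapeRegExp(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

// Whole-word match with an optional plural: "lock" hits "LOCK" and "locks"
// but not "block", "unlock" or "lockfile".
function bannedPattern(phrase) {
  return new RegExp(`(?<![A-Za-z])${escapeRegExp(phrase)}s?(?![A-Za-z])`, 'i');
}

function checkEmbed(file, source) {
  const text = normalise(source);
  const lower = text.toLowerCase();
  const violations = [];
  // Footer strings are matched literally ("21+" is not a regex here).
  for (const footer of REQUIRED_FOOTER) {
    if (!lower.includes(footer.toLowerCase())) {
      violations.push({ file, kind: 'missing-footer', term: footer, line: null });
    }
  }
  text.split('\n').forEach((lineText, i) => {
    for (const phrase of BANNED) {
      if (bannedPattern(phrase).test(lineText)) {
        violations.push({ file, kind: 'banned-language', term: phrase, line: i + 1 });
      }
    }
  });
  return violations;
}

// `files` maps path -> contents; any violation blocks the commit.
function commitGate(files) {
  const violations = Object.entries(files).flatMap(([file, src]) => checkEmbed(file, src));
  return { ok: violations.length === 0, violations };
}

// Constructed sample: one clean embed with look-alike words, one that fails.
const SAMPLE_FILES = {
  'embeds/potd.js': [
    "title: 'Pick of the day'",
    "body: 'Sharp money came in as a block; the lockfile note is internal.'",
    "footer: '21+ only. Not financial advice. 1-800-GAMBLER.'",
  ].join('\n'),
  'embeds/promo.js': [
    "title: 'Tonight\u2019s LOCK'",
    "body: 'You can\u2019t lose with this one.'",
    "footer: '21+ only. Call 1-800-GAMBLER.'",
  ].join('\n'),
};

console.log(JSON.stringify(commitGate(SAMPLE_FILES), null, 2));
```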

FM6. Credential exposure. A phase accidentally reads .env and echoes a secret into IMPROVEMENT_LOG. Safeguard: 30-second secret scan at tick start (already in LOOP_PROMPT). Extend regex to cover Stripe + NOWPayments + Whop + Neon + Upstash patterns. On hit, untrack + commit + flag revocation + halt cycle.
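A sketch of the extended FM6 scan, added here as an example and not the scan in LOOP_PROMPT. It covers detection and the halt decision only, and it redacts every hit so the scanner cannot itself write a secret into a log. The Discord token shape is the one commonly used by scanners, and the env-var prefixes are assumptions; Whop and NOWPayments keys are caught by variable name because their key formats are not given on this page.

```javascript
// Added example, not NuroPicks code. Rule set, env-var prefixes and all sample
// values are constructed; the fake "secrets" are built with repeat() on purpose.
const RULES = [
  { id: 'discord-bot-token',
    re: /[MNO][A-Za-z\d_-]{23,25}\.[A-Za-z\d_-]{6}\.[A-Za-z\d_-]{27,}/ },
  { id: 'stripe-live-key', re: /\b[sr]k_live_[0-9A-Za-z]{16,}/ },
  // Neon (Postgres) and Upstash (Redis) connection URLs carry the password inline.
  { id: 'url-with-password',
    re: /\b(?:postgres(?:ql)?|rediss?):\/\/[^\s:@/]+:[^\s@/]+@[^\s/]+/ },
  // Fallback by variable name; the value class excludes "<...>" placeholders.
  { id: 'named-env-secret',
    re: /\b(?:WHOP|NOWPAYMENTS|STRIPE|NEON|UPSTASH|DISCORD|ODDS)_[A-Z0-9_]*(?:KEY|SECRET|TOKEN|PASSWORD)\s*[=:]\s*["']?([A-Za-z0-9_\-.\/+=]{12,})/ },
];

// Never echo the match itself: keep a 4-character prefix and the length.
function redact(value) {
  return `${value.slice(0, 4)}...[${value.length} chars]`;
}

// `files` maps path -> contents. First matching rule per line wins, so a
// token inside an env assignment is reported once, under the specific rule.
function scan(files) {
  const findings = [];
  for (const [file, contents] of Object.entries(files)) {
    contents.split('\n').forEach((lineText, i) => {
      for (const rule of RULES) {
        const m = rule.re.exec(lineText);
        if (m) {
          findings.push({ file, line: i + 1, rule: rule.id, preview: redact(m[1] || m[0]) });
          break;
        }
      }
    });
  }
  return { halt: findings.length > 0, findings };
}

// Constructed values shaped like the real thing, none of them real.
const FAKE = {
  discord: 'M' + 'A'.repeat(23) + '.' + 'B'.repeat(6) + '.' + 'C'.repeat(27),
  stripe: 'sk_live_' + '0'.repeat(24),
  neon: 'postgres://app:' + 'x'.repeat(16) + '@ep-constructed.example.invalid/neondb',
  whop: 'w'.repeat(32),
};

const SAMPLE_FILES = {
  'IMPROVEMENT_LOG.md': [
    'Phase 7: verified /health 200',
    `debug: env dump DISCORD_BOT_TOKEN=${FAKE.discord}`,
    'DISCORD_BOT_TOKEN=<rotate in Developer Portal>',
    `DATABASE_URL=${FAKE.neon}`,
  ].join('\n'),
  '.loop-logs/tick.log': [
    `WHOP_API_KEY: "${FAKE.whop}"`,
    `charge ok ${FAKE.stripe}`,
  ].join('\n'),
};

console.log(JSON.stringify(scan(SAMPLE_FILES), null, 2));
```

A true `halt` is the point where the tick would stop and the untrack, commit and revocation steps from FM6 would run.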

FM7. Silent drift in cron cadence or purpose. Auto-tune slides cadence to 60 min, then 90 min, and nobody notices the loop stopped shipping. Safeguard: hard caps already in spec (10 min floor, 60 min ceiling). Add a weekly David digest (Sunday 09:00 ET) with last-7-days velocity + cadence trend + top 3 gaps closed + top 3 gaps open.

FM8. Capper-side gaming. Once marketplace is live, a capper could backdate picks or auto-delete losses. Safeguard: audit_events immutable log + Phase 12 sub-phase that reconciles capper_picks.posted_at against Discord message created_at. Mismatch > 5 min auto-delists.
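A sketch of the FM8 reconciliation, added here as an example and not NuroPicks code. Discord message IDs are snowflakes whose upper bits encode the creation time in milliseconds since 2015-01-01 UTC, so created_at can be derived from the stored message ID instead of trusting any capper-editable field. The row shape (id, capper_id, posted_at, discord_message_id), the action names and the choice to flag rather than delist a pick with no usable message ID are assumptions.

```javascript
// Added example, not NuroPicks code. Row shape and action names are assumptions.
const DISCORD_EPOCH_MS = 1420070400000n; // 2015-01-01T00:00:00Z
const TOLERANCE_MS = 5 * 60 * 1000;      // FM8: "Mismatch > 5 min auto-delists"

// Creation time carried in the bits above bit 22 of a Discord ID.
function snowflakeToMs(id) {
  if (typeof id !== 'string' || !/^\d{17,20}$/.test(id)) {
    throw new RangeError(`not a snowflake: ${id}`);
  }
  return Number((BigInt(id) >> 22n) + DISCORD_EPOCH_MS);
}

// Only used to build constructed sample IDs.
function msToSnowflake(ms) {
  return ((BigInt(ms) - DISCORD_EPOCH_MS) << 22n).toString();
}

// Returns the cappers to delist plus audit_events rows (actor, action, target, diff, ts).
function reconcile(rows, now = new Date(), toleranceMs = TOLERANCE_MS) {
  const iso = (ms) => (Number.isNaN(ms) ? null : new Date(ms).toISOString());
  const delist = new Set();
  const auditEvents = [];
  for (const row of rows) {
    const postedMs = Date.parse(row.posted_at);
    let createdMs;
    try {
      createdMs = snowflakeToMs(row.discord_message_id);
    } catch {
      createdMs = NaN; // ID missing or malformed
    }
    const verifiable = !Number.isNaN(postedMs) && !Number.isNaN(createdMs);
    const skewMs = verifiable ? postedMs - createdMs : null;
    if (verifiable && Math.abs(skewMs) <= toleranceMs) continue;
    // A provable mismatch delists; an unverifiable pick is logged for review.
    if (verifiable) delist.add(row.capper_id);
    auditEvents.push({
      actor: 'reconciler',
      action: verifiable ? 'pick.timestamp_mismatch' : 'pick.unverifiable',
      target: `capper_picks:${row.id}`,
      diff: {
        posted_at: iso(postedMs),
        message_created_at: iso(createdMs),
        skew_seconds: verifiable ? skewMs / 1000 : null,
      },
      ts: now.toISOString(),
    });
  }
  return { delist: [...delist], auditEvents };
}

// Constructed rows: honest pick, backdated pick, pick with no message ID,
// and a pick exactly on the 5-minute boundary (allowed).
function sampleRows() {
  const base = Date.parse('2026-05-01T18:00:00Z');
  const at = (ms) => new Date(ms).toISOString();
  const msg = msToSnowflake(base);
  return [
    { id: 1, capper_id: 'c1', posted_at: at(base + 20_000), discord_message_id: msg },
    { id: 2, capper_id: 'c2', posted_at: at(base - 3 * 3600_000), discord_message_id: msg },
    { id: 3, capper_id: 'c3', posted_at: at(base), discord_message_id: null },
    { id: 4, capper_id: 'c1', posted_at: at(base + TOLERANCE_MS), discord_message_id: msg },
  ];
}

console.log(JSON.stringify(reconcile(sampleRows(), new Date('2026-05-02T02:00:00Z')), null, 2));
```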

FM9. Cron reliance on local Windows machine. David's laptop is the single point of failure. If the machine is off, no loop. Safeguard: port the loop to the Hetzner VPS (reference_checkup_vps.md pattern). One tmux session per cron, pm2 or systemd for liveness. Cross-push skills/memory/hooks nightly (already done for Check Up; replicate for NuroPicks).


4. Recommended 30/60/90 day plan

Days 0-30 (launch prep)

Pre-spend (David-only, not Kai-executable):

  1. Buy nuropicks.com + nuropicks.com + nuropicks.gg at Porkbun (~$150 yr1)
  2. File WY LLC + registered agent + EIN ($225 one-time)
  3. Google Workspace seat + domain email ($7/mo)
  4. Buy The Odds API starter plan ($59/mo)
  5. Rotate DISCORD_BOT_TOKEN in Developer Portal (exposed 2026-04-17)
  6. Budget $500-1500 for attorney review of /terms + /privacy + age-gate

Engineering (Kai-executable after David unblocks):

  7. Wire Neon Postgres + Upstash Redis, run schema.sql, replace in-memory store (2 weeks)
  8. Wire Sentry + UptimeRobot (2 days)
  9. Wire Odds API -> picks pipeline, retire stubbed picks (1 week)
  10. Whop + NOWPayments webhook handlers with HMAC verify (1 week)
  11. Ship M7-M12 Academy publisher embeds via cron (autonomous)
  12. OG image batch via Nano Banana (1 day)
  13. Canary deploy + rollback script for auto-deploy safeguard (2 days)

Milestone: 50-user soft launch with real picks, real subs, real DB.
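A sketch of the webhook handler shape that item 10 and the Payment rails row in Section 1 call for, added here as an example and not NuroPicks code: feature flag first, HMAC check over the raw bytes in constant time, JSON parsed only after the signature passes, and duplicate deliveries ignored so a provider retry cannot grant a tier twice. The hex HMAC-SHA256 scheme, the event shape and every name below are assumptions; the real header name, hash and canonicalisation come from each provider's documentation.

```javascript
// Added example, not NuroPicks code. Signature scheme (hex HMAC-SHA256 over the
// raw body), event shape ({ id, type, userId, tier }) and names are assumptions.
const crypto = require('node:crypto');

// Constant-time check of a hex HMAC-SHA256 computed over the exact bytes received.
function verifySignature(rawBody, signatureHex, secret) {
  if (typeof signatureHex !== 'string' || !/^[0-9a-f]{64}$/i.test(signatureHex)) {
    return false; // missing or malformed header: reject before comparing
  }
  const expected = crypto.createHmac('sha256', secret).update(rawBody).digest();
  const received = Buffer.from(signatureHex, 'hex');
  return received.length === expected.length && crypto.timingSafeEqual(received, expected);
}

// One handler per provider route. `seen` stands in for a Postgres table with a
// unique constraint on the provider's event id (in-memory so this runs offline).
function makeWebhookHandler({ secret, enabled, seen = new Set(), grantTier }) {
  return function handle(rawBody, signatureHex) {
    if (!enabled) return { status: 503, result: 'payments flag off' };
    // An empty secret still produces a valid-looking HMAC, so refuse to run without one.
    if (!secret) return { status: 500, result: 'secret not configured' };
    if (!verifySignature(rawBody, signatureHex, secret)) {
      return { status: 401, result: 'bad signature' };
    }
    let event; // parse only after the bytes are authenticated
    try {
      event = JSON.parse(rawBody.toString('utf8'));
    } catch {
      return { status: 400, result: 'invalid json' };
    }
    if (!event || typeof event.id !== 'string') {
      return { status: 400, result: 'missing event id' };
    }
    if (seen.has(event.id)) return { status: 200, result: 'duplicate ignored' };
    seen.add(event.id);
    grantTier(event.userId, event.tier);
    return { status: 200, result: 'processed' };
  };
}

// Constructed sample: a signed event, a provider retry of the same delivery,
// a tampered copy, an unsigned request, and the same route with the flag off.
function demo() {
  const secret = 'constructed-test-secret';
  const body = Buffer.from(JSON.stringify({
    id: 'evt_constructed_1', type: 'payment.succeeded', userId: 'u1', tier: 'pro',
  }));
  const sig = crypto.createHmac('sha256', secret).update(body).digest('hex');
  const tampered = Buffer.from(body.toString('utf8').replace('"pro"', '"elite"'));
  const grants = [];
  const grantTier = (userId, tier) => grants.push(`${userId}:${tier}`);
  const live = makeWebhookHandler({ secret, enabled: true, grantTier });
  const gated = makeWebhookHandler({ secret, enabled: false, grantTier });
  return {
    first: live(body, sig),
    retry: live(body, sig),
    tampered: live(tampered, sig),
    unsigned: live(body, undefined),
    flagOff: gated(body, sig),
    grants,
  };
}

console.log(demo());
```

The handler needs the request body as received, before any JSON middleware re-serialises it, otherwise the computed HMAC will not match the provider's.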

Days 31-60 (prove the loop)

  1. CLV ground truth pipeline (F1): closing-line capture cron + pick-outcome table + nightly CLV job (1 week)
  2. XGBoost v0 training on ingested historical odds + 30-day live data (1 week)
  3. Funnel persistence + weekly funnel review Phase-13 sub-phase (F2) (3 days)
  4. A/B test infrastructure v0 (F3) with first 3 experiments live (1 week)
  5. Competitor auto-watch cron (F4) using scripts/fetch-intel.mjs (2 days)
  6. Cost budget guardrail (F5) (1 day)
  7. First 5 verified cappers onboarded; 85/15 split payouts tested via Whop
  8. Parlay builder v0 (2 weeks) with DK + FD deep-links

Milestone: 500 users, measurable CLV on AI picks, first capper payout processed.

Days 61-90 (grow + B2B)

  1. First B2B tenant provisioned (Mar's Goldboys or similar; manual-ish, not fully self-serve yet)
  2. Multi-tenant data layer v0 (group_id FK everywhere, RLS on bot queries) (3 weeks)
  3. White-label theming (per-tenant subdomain, logo, color tokens) (1 week)
  4. Cross-product memory import (F6) (3 days)
  5. Arbitrage scanner Phase 1 for Elite tier (2 weeks, per ARBITRAGE_RESEARCH)
  6. Weekly David digest + loop-health dashboard (3 days)
  7. Second attorney pass on capper MSA + tenant ToS ($500-1500)
  8. SEO programmatic pages (player props + game predictions, ~500 new URLs) (2 weeks)

Milestone: 1,000 users, $2k-5k MRR, first B2B tenant paying, loop velocity steady at 1-3 gaps/day.


5. Open questions for David

These require founder-level calls; Kai cannot unilaterally resolve.

  1. Elite tier launch gating. Ship Elite before or after attorney review? Attorney review takes 2-4 weeks. Launching Elite without it = revenue risk. Launching after = lost 2-4 weeks of MRR. Recommendation: launch Free + Pro at soft launch, hold Elite until attorney signs off.

  2. Capper marketplace launch mode. Invite-only first (Mar + Glizzy + 3 David-vetted) or open /apply/capper the day Postgres lands? Open risks tout applicants; invite-only risks slow flywheel.

  3. BookSync commitment. Ship Path 1 (OCR + manual /bet) at launch, defer Path 2 (SharpRank license) to month 3. Confirm or override?

  4. Arb feature framing. ARBITRAGE_RESEARCH recommends bundling arb into Elite. Confirm, or split arb into a separate $49/mo add-on?

  5. B2B pricing. Solo Capper $100/mo, Team $200/mo, DFY $800 setup + $300/mo per CAPPER_OUTREACH_PLAYBOOK. Lock these or let Kai test 2x variants in first 30 days?

  6. Geofence states. Which 8 states do we whitelist at launch? NY, NJ, PA, AZ, MI, CO, IL, VA is a defensible default, but David may want to exclude NY due to heavier regulatory posture.

  7. Customer support model. David, Mar, and Glizzy dogfood today. At 500+ users who handles dispute + refund + RG escalation? Part-time mod hire, Glizzy rotation, or David bites the bullet week 1?

  8. Trademark NuroPicks. Single-class TM filing in US is ~$250-350 DIY or $1k-2k with an attorney. Worth doing before B2B white-label clients can copy the name?

  9. Cross-machine failover. Move crons from Windows laptop to Hetzner VPS? Adds resilience, costs a few hours of setup, but requires dual-management until migrated.

  10. Capper payout schedule. 5th-of-month per CAPPER_VERIFICATION.md. Also add daily minimum-threshold auto-payouts once NOWPayments live, or stay monthly?

  11. Public CLV audit. Commit to publishing NuroPicks AI pick CLV weekly? High-trust differentiator, but locks us into honesty even when model is cold.

  12. Attorney selection. One-off $500-1500 review or retainer at $500-1500/mo? Retainer scales better into Tier 2.


End of audit. 21+ only. Sports betting involves risk. Never bet more than you can afford to lose. Call 1-800-GAMBLER.

21+ only. Not financial advice. 1-800-GAMBLER.
