Feature Request: Customer-facing Q&A interface for anonymized assessment data
Resolved 💬 3 comments Opened Dec 10, 2025 by SDS-Mike Closed Feb 11, 2026
Feature Request
Summary
Add a customer-facing chat interface in the tool portal website where customers can ask questions about their anonymized Microsoft 365 security assessment data using Claude Haiku.
Use Case
After an assessment is completed, customers should be able to:
- Ask clarifying questions about their findings (e.g., "What does the inactive users finding mean for my organization?")
- Request more detail on specific recommendations
- Ask follow-up questions like "How do I implement this in Azure Portal?"
- Get help understanding compliance mappings
Proposed Implementation
- Chat Interface: Add a chat widget to the customer portal after assessment completion
- Context Injection: Inject the customer's sanitized (Tier 2) metrics as context for each conversation
- Model: Use Claude Haiku 4.5 for fast, cost-effective responses
- Guardrails:
- Only allow questions about their own assessment data
- Limit conversation to security posture topics
- No access to raw (Tier 1) data - only sanitized metrics
Security Considerations
- Zero-knowledge architecture maintained: Claude only sees Tier 2 (anonymized) data
- Customer can only query their own assessment
- Session-scoped conversations with automatic cleanup
Technical Notes
- Leverage existing
get_prompt_for_tier()infrastructure - Add new "chat" prompt template optimized for Q&A
- Track token usage in Opik for cost monitoring
- Consider rate limiting per assessment
Priority
Medium - enhances customer value without blocking core assessment functionality
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗