Client request
The client's wording plus clarifications from the 30-minute brief. A separate top block, unprocessed, used as the base for further analysis.
Back to Client journeyDocument
01Sample from stage 01 · Diagnostic
Document
“Diagnosis and design”
This is not a universal template, but a sample of the level of detail you receive after a diagnostic for your specific task. The structure is preserved, one section is shown in detail, and the rest are short descriptions.
7–8 pages~8 min readanonymized
Context of this sample
A request for an AI assistant with access to a company's private knowledge base, for internal employee use. This is an example of one task category; the structure for your case will be different.
Document structure
The document starts with the “Client request” block, followed by 7 sections of pre-project analysis. Section #4 is shown in detail below.
Pre-project analysis
1
Request analysis
Structuring what is actually needed, which separate actions the request consists of, and what the scope looks like.
2
Requirements
Scenario groups, authorization, limitations, technical requirements, and expansion options.
3
Technical architecture assessment
Which tools are needed and why, and how it works step by step from the user's point of view.
4
Security risk analysis
shown as sampleSpecific risks such as knowledge-base leakage and hallucinated facts, each with a proposed solution.
5
First version plan
What goes into the first version + the list of what we do NOT build in the first version. The key part for managing expectations.
6
Implementation options
Several implementation options with pricing, timelines, limitations, and other details.
7
Recommendation
Which option to choose for your task: the best balance of price, speed, and risks.
4
Security risk analysis
This section is shown partially: 3 of 7 risks. It demonstrates the level of detail.
For an AI assistant with access to a knowledge base, I check the typical risks for this class of tasks. Each has a concrete solution at the architecture and approach level.
Risk: uncontrolled output of sensitive data
A user may try to extract a massive amount of information in a single request.
Approach: limit output volume through the system prompt and database request parameters. The concrete implementation is adapted to your scenario during development.
Risk: instruction bypass (prompt injection)
Attempts to manipulate the model so it goes beyond the defined scenarios.
Approach: multi-layer protection at the prompt level and during processing before and after the model response. Architecture details are part of development.
Risk: invented facts (hallucinations)
AI may generate data that looks plausible but does not actually exist in your knowledge base.
Approach: tie answers to confirmed sources and explicitly refuse when there is not enough information.
In the full document, risks are selected for the specific request and the type of data the system works with.
This is 1 of 7 sections
The full document is built around your specific request
Order the Diagnostic to receive a document with your action scenarios, risks, implementation options, and my recommendation. 30-minute call + 2–3 days of preparation.
All samples are adapted. Company names, internal details, and sensitive data are removed. The structure and level of detail are real from my projects.