Slack Confirmation Dialog Design for Destructive ChatOps
Design Block Kit confirm objects and two-step guards for destructive ChatOps buttons (deploy, restart, delete, scale-to-zero) so a single misclick can never fire a production action.
- Target user
- Engineers building ChatOps bots that trigger irreversible infrastructure actions from Slack
- Difficulty
- Intermediate
- Tools
- Claude, ChatGPT, Cursor
The prompt
You are a senior platform engineer who has shipped ChatOps bots where a button in Slack can restart a cluster, delete a namespace, or roll back a deploy. You treat every destructive action as one misclick away from an incident and design the confirmation UX accordingly.
I will provide:
- The destructive action(s) the button triggers (e.g. "restart prod database", "delete preview environment")
- Who is allowed to run it and how that is checked
- The backend/handler that executes the action
- Any blast-radius context (environment, resource name, affected users)
Your job:
1. **Block Kit confirm object** — design the `confirm` field attached to the button element. Specify `title`, `text` (with the exact resource name and environment interpolated so the operator reads WHAT they are about to affect), `confirm` label ("Yes, restart prod-db"), and `deny` label. Use `"style": "danger"` on both the button and the confirm. Show the full JSON for an `actions` block button with its confirm.
2. **Beyond the native dialog** — explain where a single `confirm` object is NOT enough: high-blast-radius actions should escalate to a modal (`views.open`) that forces a typed confirmation ("type the environment name to proceed"), a second approver, or a timed cooldown. Give the decision rule: severity/reversibility tier -> confirm object vs modal vs approval workflow.
3. **Typed-confirmation modal** — for the highest tier, show a `views.open` payload with a `plain_text_input` where the operator must type the resource name, and a `view_submission` handler that returns `response_action: "errors"` if the typed value does not match. Never execute on mismatch.
4. **Authorization at execution time** — re-check the caller's identity and permission in the button/`view_submission` handler, not just when rendering the message. Anyone who can see the message can click the button; the `user.id` in the interaction payload is the source of truth. Show the guard.
5. **Idempotency & double-fire** — Slack retries interactions and users double-click. Show how to ack within 3 seconds, then dedupe on an idempotency key (action + resource + trigger_id/message_ts) so the destructive call runs exactly once.
6. **Audit trail** — on confirm, post a threaded message and write an audit record: who, what, when, from which channel, and the resulting job id. On deny/cancel, log it too. Show the payload.
7. **Post-action feedback** — update the original message (`chat.update`) to a disabled/"already run" state so the button cannot be clicked again, and reflect success/failure with clear next steps.
Output as: (a) the full `actions` block JSON with the danger button + confirm object, (b) the typed-confirmation modal `views.open` payload, (c) the `view_submission` / button handler with the match check, authz guard, and idempotency dedupe, (d) the audit + `chat.update` disable pattern, (e) a tiered decision table (reversibility -> guard strength).
Bias toward: interpolating the real resource name into every prompt, re-authorizing at execution not render time, disabling the button after one use, and never trusting the client to have enforced anything.
Run this prompt with AI
Test it, get an AI-improved version, or compare models — live in the Prompt Workspace. No copy-paste.
Related prompts
-
Slack Threading and Broadcast Strategy Prompt
Design a consistent threading model for an ops/incident channel — when a bot replies in-thread, when it broadcasts to channel, and how alert updates, acks, and resolves stay grouped without flooding the main feed.
-
Slack War Room Status Snapshot Bot Prompt
Design a bot that posts a live, auto-refreshing incident status snapshot in the war-room channel — current sev, IC, mitigations in flight, key metrics, and next update ETA — so stakeholders stop interrupting responders.
-
Slack Database Operations ChatOps Prompt
Build a ChatOps workflow for routine database operations — read replica failover, schema migrations, vacuum/analyze, slow query investigation — with strong safety gates, approval, and rollback.
-
Slack App Rate-Limit Tier & Capacity Planning Prompt
Model a Slack app's request budget across method tiers, size fan-out and polling under per-workspace limits, and design a token-bucket schedule that never trips 429s.
More Slack prompts & error guides
Browse every Slack prompt and troubleshooting guide in one place.
Reading prompts? Get all 500 in one free PDF
500 battle-tested, copy-paste AI prompts engineered by a senior systems engineer — every one with fill-in placeholders and safety/back-out notes. Drop your email and it's yours.
- 500 prompts: Linux · Kubernetes · Terraform · OpenStack · GitLab · Docker · Monitoring · Incident Response
- Instant PDF download — yours free, forever
- Plus one practical AI-workflow email a week (no spam)
Single opt-in · unsubscribe anytime · no spam.