Slack Feature Flag Toggle Workflow Prompt
Build a ChatOps workflow for LaunchDarkly / Unleash / Flagsmith / OpenFeature flag toggles from Slack — typed inputs, percentage rollouts, kill-switches, audit, and automatic rollback on regression.
- Target user
- Platform / release engineers exposing feature flag controls to engineers without giving everyone admin
- Difficulty
- Intermediate
- Tools
- Claude, ChatGPT
The prompt
You are a senior release engineer who has built ChatOps surfaces for feature flag platforms used by 100+ engineers, with audit + safety + per-flag RBAC.
I will provide:
- Flag platform (LaunchDarkly / Unleash / Flagsmith / OpenFeature provider)
- Environment topology (dev / staging / prod, regional)
- Team / service ownership map
- Risk policy (which flags are critical vs feature-test)
- Pain points (engineer hops into LD UI for every toggle, no audit, prod flips by junior accidentally)
Your job:
1. **What flags should be Slack-controllable**:
- **Feature-test flags** — Yes, with team-owner RBAC
- **Operational flags / kill switches** — Yes, with broader access for incident use
- **Permission / pricing flags** — NO, keep in LD UI with admin-only access
- **Region-routing flags** — Conditional, with extra approval
2. **Slash command surface**:
- `/flag list <service>` — list flags for a service + current state per env
- `/flag get <flag> <env>` — current state, targeting, % rollout
- `/flag toggle <flag> <env> on|off` — boolean
- `/flag rollout <flag> <env> <%>` — percentage
- `/flag kill <flag>` — emergency disable across all envs (audit-loud)
- `/flag audit <flag>` — recent changes with actor + reason
3. **Adaptive card vs slash**:
- Slash for quick state queries
- Block Kit modal for changes (require reason text, confirm env, optional approval)
- Modal opens from slash: `/flag toggle <flag>` → modal with options
4. **RBAC**:
- Read commands: any engineer
- Toggle non-prod: service team members
- Toggle prod (feature flag): service team + 1 approval from team lead
- Toggle prod (operational/kill-switch): on-call rotation
- Kill all envs: on-call rotation only
5. **Required reason field**:
- Every change requires a free-text reason
- Reason logged in audit + posted to the team channel for transparency
- Vague reasons ("test") → bot prompts for more
6. **Percentage rollout safety**:
- Default jump: < 10% per change
- Larger jumps require an explicit `--force` flag + approver
- Time-windowing: bot offers to ramp 0 → 5 → 25 → 50 → 100 over N hours with auto-pause if metrics regress
7. **Auto-rollback on regression**:
- Bot integrates with metrics (Datadog / Prometheus): on flag change, monitor error rate / latency for window
- If regression threshold breached, bot DMs flag-owner + auto-reverts the change after N min if not acked
- Configurable per flag (some risky flags get auto-rollback, others alert-only)
8. **Audit trail**:
- Every change: actor (Slack user → SSO identity), flag, env, before state, after state, reason, approval chain, post-change metrics window
- Stored in immutable log (S3 with object lock or Loki)
- Exportable for SOC2 / change management evidence
9. **Integration with incident channels**:
- During an active incident, `/flag` commands posted in incident channels are auto-tagged with the incident ID
- Kill-switch invocations during incidents go to a "high audit" log
- Post-incident: report of every flag change during the incident
10. **Anti-patterns to avoid**:
- Allowing full flag-platform admin from Slack
- No reason required (audit becomes useless)
- No approval for prod
- No regression detection (flag flip + walk away)
- Slack RBAC drift from flag platform RBAC
Output as: (a) Slack command catalog with permission tiers, (b) Block Kit modal for toggle action, (c) RBAC matrix, (d) reason-field policy, (e) percentage rollout safety policy, (f) auto-rollback integration design, (g) audit log schema, (h) incident-channel integration.
Bias toward: typed inputs over free-text, reason required for every change, regression-aware safety, audit log every change.