npm - @clix-so/clix-agent-skills - Versions diffs - 0.1.8 → 0.1.9 - Mend

@clix-so/clix-agent-skills 0.1.8 → 0.1.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/README.md CHANGED Viewed

@@ -1,7 +1,7 @@
 # Agent Skills for Clix
 [![npm version](https://img.shields.io/npm/v/%40clix-so%2Fclix-agent-skills.svg?logo=npm&label=npm)](https://www.npmjs.com/package/@clix-so/clix-agent-skills)
-[![npm downloads](https://img.shields.io/npm/dm/%40clix-so%2Fclix-agent-skills.svg)](https://www.npmjs.com/package/@clix-so/clix-agent-skills)
+[![npm downloads](https://img.shields.io/npm/d18m/%40clix-so%2Fclix-agent-skills.svg)](https://www.npmjs.com/package/@clix-so/clix-agent-skills)
 This repository contains a collection of **Agent Skills for Clix**. Each skill
 is a self-contained package that can be loaded and executed by AI clients.
@@ -50,7 +50,7 @@ npx @clix-so/clix-agent-skills@latest install integration --client cursor --glob
 # Install all available skills at once (repo root)
 npx @clix-so/clix-agent-skills@latest install --all --client cursor
-# This will install: integration, event-tracking, user-management, personalization
+# This will install: integration, event-tracking, user-management, personalization, api-triggered-campaigns
 # Install all available skills globally (system root)
 npx @clix-so/clix-agent-skills@latest install --all --client cursor --global
@@ -58,7 +58,8 @@ npx @clix-so/clix-agent-skills@latest install --all --client cursor --global
 ### Available Skills
-- **clix-integration**: Integrate Clix Mobile SDK and MCP server setup
+- **clix-integration**: Seamlessly integrate Clix Mobile SDK to your mobile
+  application with Clix MCP Server
 - **clix-event-tracking**: Implement `Clix.trackEvent` with naming/schema best
   practices and campaign-ready validation
 - **clix-user-management**: Implement `Clix.setUserId` + user properties with
@@ -66,6 +67,9 @@ npx @clix-so/clix-agent-skills@latest install --all --client cursor --global
 - **clix-personalization**: Author and debug personalization templates for
   message content, deep links/URLs, and audience targeting rules (`user.*`,
   `event.*`, `trigger.*`, `device.*`)
+- **clix-api-triggered-campaigns**: Configure API-triggered campaigns in the
+  console and trigger them from your backend with safe auth, dynamic filters
+  (`trigger.*`), and personalization patterns
 **Supported Clients:**
@@ -105,6 +109,7 @@ Alternatively, you can install a single skill directly by running:
 /plugin install clix-event-tracking@clix-agent-skills
 /plugin install clix-user-management@clix-agent-skills
 /plugin install clix-personalization@clix-agent-skills
+/plugin install clix-api-triggered-campaigns@clix-agent-skills
 ```
 Remember to restart Claude Code after installation to load the new skills.

package/dist/bin/commands/install.js CHANGED Viewed

@@ -120,11 +120,13 @@ async function installSkill(skillName, options) {
         throw error;
     }
     // 4. MCP Configuration (always global/system root)
-    try {
-        await (0, mcp_1.configureMCP)(options.client);
-    }
-    catch (error) {
-        console.warn(chalk_1.default.yellow(`MCP Configuration warning: ${getErrorMessage(error)}`));
+    if (!options.skipMCPConfig) {
+        try {
+            await (0, mcp_1.configureMCP)(options.client);
+        }
+        catch (error) {
+            console.warn(chalk_1.default.yellow(`MCP Configuration warning: ${getErrorMessage(error)}`));
+        }
     }
     console.log(`\n${chalk_1.default.green("✔")} Skill ${chalk_1.default.bold(skillName)} is ready to use!`);
     console.log(`  - Docs: ${path_1.default.join(destPath, "SKILL.md")}`);
@@ -170,7 +172,8 @@ async function installAllSkills(options) {
     let failCount = 0;
     for (const skillName of skills) {
         try {
-            await installSkill(skillName, options);
+            // Avoid configuring MCP once per skill. We'll do it once at the end.
+            await installSkill(skillName, { ...options, skipMCPConfig: true });
             successCount++;
         }
         catch (error) {
@@ -178,6 +181,15 @@ async function installAllSkills(options) {
             failCount++;
         }
     }
+    // Configure MCP once per `--all` run (always global/system root)
+    if (successCount > 0) {
+        try {
+            await (0, mcp_1.configureMCP)(options.client);
+        }
+        catch (error) {
+            console.warn(chalk_1.default.yellow(`MCP Configuration warning: ${getErrorMessage(error)}`));
+        }
+    }
     console.log();
     if (failCount === 0) {
         console.log(chalk_1.default.green(`\n✔ Successfully installed all ${chalk_1.default.bold(successCount)} skill(s)!`));

package/dist/bin/utils/mcp.js CHANGED Viewed

@@ -159,7 +159,13 @@ function getClientConfig(client) {
                 format: "json",
             };
         }
+        // GitHub Copilot runs inside VS Code, so its MCP configuration lives in VS Code's MCP config.
+        // We accept `github` / `copilot` as aliases and write to the same file as `vscode`.
         case "vscode":
+        case "github":
+        case "copilot":
+        case "github-copilot":
+        case "github copilot":
             return {
                 path: path_1.default.join(home, ".vscode", "mcp.json"),
                 configKey: "mcpServers",

package/llms.txt CHANGED Viewed

@@ -7,6 +7,32 @@ Each entry includes the file path, type, and description for semantic search.
 ---
+## clix-api-triggered-campaigns
+Helps developers configure API-triggered campaigns in the Clix console and trigger them from backend services with safe auth, payload schemas, dynamic audience filters (trigger.*), and personalization best practices. Use when the user mentions transactional notifications, backend-triggered sends, campaign_id trigger APIs, or "API-triggered campaigns".
+- [clix-api-triggered-campaigns](https://raw.githubusercontent.com/clix-so/skills/refs/heads/main/skills/api-triggered-campaigns/SKILL.md): Helps developers configure API-triggered campaigns in the Clix console and trigger them from backend services with safe auth, payload schemas, dynamic audience filters (trigger.*), and personalization best practices. Use when the user mentions transactional notifications, backend-triggered sends, campaign_id trigger APIs, or "API-triggered campaigns".
+### References
+- [Api Contract (Reference)](https://raw.githubusercontent.com/clix-so/skills/refs/heads/main/skills/api-triggered-campaigns/references/api-contract.md): Reference documentation for api-triggered-campaigns skill
+- [Backend Patterns (Reference)](https://raw.githubusercontent.com/clix-so/skills/refs/heads/main/skills/api-triggered-campaigns/references/backend-patterns.md): Reference documentation for api-triggered-campaigns skill
+- [Console Setup (Reference)](https://raw.githubusercontent.com/clix-so/skills/refs/heads/main/skills/api-triggered-campaigns/references/console-setup.md): Reference documentation for api-triggered-campaigns skill
+- [Debugging (Reference)](https://raw.githubusercontent.com/clix-so/skills/refs/heads/main/skills/api-triggered-campaigns/references/debugging.md): Reference documentation for api-triggered-campaigns skill
+- [Personalization And Dynamic Filters (Reference)](https://raw.githubusercontent.com/clix-so/skills/refs/heads/main/skills/api-triggered-campaigns/references/personalization-and-dynamic-filters.md): Reference documentation for api-triggered-campaigns skill
+- [Security And Keys (Reference)](https://raw.githubusercontent.com/clix-so/skills/refs/heads/main/skills/api-triggered-campaigns/references/security-and-keys.md): Reference documentation for api-triggered-campaigns skill
+### Examples
+- [Trigger Campaign Node (Example)](https://raw.githubusercontent.com/clix-so/skills/refs/heads/main/skills/api-triggered-campaigns/examples/trigger-campaign-node.js): Code example for api-triggered-campaigns skill
+- [Trigger Campaign Python (Example)](https://raw.githubusercontent.com/clix-so/skills/refs/heads/main/skills/api-triggered-campaigns/examples/trigger-campaign-python.py): Code example for api-triggered-campaigns skill
+### Scripts
+- [Validate Api Trigger Plan (Script)](https://raw.githubusercontent.com/clix-so/skills/refs/heads/main/skills/api-triggered-campaigns/scripts/validate-api-trigger-plan.sh): Utility script for api-triggered-campaigns skill
+---
 ## clix-event-tracking
 Implements Clix event tracking (Clix.trackEvent) with consistent naming, safe property schemas, and campaign-ready validation. Use when adding, reviewing, or debugging event tracking; when configuring event-triggered campaigns; or when the user mentions events, tracking, funnels, or properties — or when the user types `clix-event-tracking`.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@clix-so/clix-agent-skills",
-  "version": "0.1.8",
+  "version": "0.1.9",
   "description": "An open collection of agent skills for Clix.",
   "main": "dist/index.js",
   "bin": {

package/skills/api-triggered-campaigns/LICENSE.txt ADDED Viewed

@@ -0,0 +1,203 @@
+Copyright (c) 2026 Clix (https://clix.so/)
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+   1. Definitions.
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+   END OF TERMS AND CONDITIONS
+   APPENDIX: How to apply the Apache License to your work.
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+   Copyright (c) 2026 Clix (https://clix.so/)
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+       http://www.apache.org/licenses/LICENSE-2.0
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

package/skills/api-triggered-campaigns/SKILL.md ADDED Viewed

@@ -0,0 +1,186 @@
+---
+name: clix-api-triggered-campaigns
+description:
+  Helps developers configure API-triggered campaigns in the Clix console and
+  trigger them from backend services with safe auth, payload schemas, dynamic
+  audience filters (trigger.*), and personalization best practices. Use when the
+  user mentions transactional notifications, backend-triggered sends,
+  campaign_id trigger APIs, or "API-triggered campaigns".
+---
+# API-Triggered Campaigns (Backend → Clix)
+Use this skill to set up **API-triggered campaigns** in the Clix console and
+trigger them from your backend with dynamic data (`trigger.*`) for:
+- Transactional notifications (orders, password reset, receipts)
+- Workflow messages (assignments, approvals)
+- System alerts (moderation, support tickets)
+- Programmatic sends where marketers/ops should control content + targeting
+## What the official docs guarantee (high-signal)
+- API-triggered campaigns are configured in the console, then triggered via:
+  `POST /api/v1/campaigns/{campaign_id}:trigger`
+- Authentication uses **secret** headers:
+  - `X-Clix-Project-ID`
+  - `X-Clix-API-Key`
+- Request `properties` become **`trigger.*`** for:
+  - **Dynamic audience filtering** (console audience rules)
+  - **Personalization** in templates (title/body/deep links)
+- `audience.broadcast=true` sends to all users eligible under the campaign’s
+  segment definition; `audience.targets` narrows to specific users/devices
+  (still filtered by the segment definition).
+- Dynamic audience filters are intentionally constrained for performance: **max
+  3 attributes** in the audience definition.
+## MCP-first (source of truth)
+If Clix MCP tools are available, treat them as the **source of truth**:
+- Use `clix-mcp-server:search_docs` to confirm the latest API contract + limits:
+  - query examples:
+    - `"API-triggered campaign trigger endpoint"`
+    - `"campaigns/{campaign_id}:trigger audience targets broadcast"`
+    - `"trigger.* dynamic audience filters limitations"`
+If MCP tools are not available, use the bundled references:
+- API contract → `references/api-contract.md`
+- Console setup + dynamic filters → `references/console-setup.md`
+- Backend patterns (auth, retries, timeouts) → `references/backend-patterns.md`
+- Security/key handling → `references/security-and-keys.md`
+- Personalization + dynamic filters →
+  `references/personalization-and-dynamic-filters.md`
+- Debugging checklist → `references/debugging.md`
+## Workflow (copy + check off)
+```
+API-triggered campaign progress:
+- [ ] 1) Confirm goals + trigger source (what backend event sends the message?)
+- [ ] 2) Define campaign contract (properties keys/types; PII policy)
+- [ ] 3) Configure campaign in console (API-triggered + audience rules + templates)
+- [ ] 4) Implement backend trigger wrapper (auth, timeout, retries, logging)
+- [ ] 5) Validate trigger plan JSON (schema + naming + safety)
+- [ ] 6) Verify in Clix (test payloads, Message Logs, segment matching)
+```
+## 1) Confirm the minimum inputs
+Ask only what’s needed:
+- **Campaign**: where is it in the console? do you already have `campaign_id`?
+- **Channel**: push / in-app / email / etc. (affects message template fields)
+- **Audience mode**: broadcast vs explicit targets
+- **Dynamic filter keys**: which `trigger.*` keys are used in audience rules
+- **Properties**: list of keys + types + example values (avoid PII by default)
+- **Backend**: runtime and HTTP client (Node/Fetch, Axios, Python, Go, etc.)
+## 2) Create a “Trigger Plan” (before touching backend code)
+Create `api-trigger-plan.json` in `.clix/` (recommended) or project root.
+**Recommended location**: `.clix/api-trigger-plan.json`
+**Plan schema (high-level):**
+- `campaign_id` (string)
+- `audience.mode`: `"broadcast" | "targets" | "default"`
+- `audience.targets` (if mode is `"targets"`)
+- `dynamic_filter_keys` (array of up to 3 snake_case keys)
+- `properties` (map of snake_case keys → `{ type, required?, example?, pii? }`)
+Example:
+```json
+{
+  "campaign_id": "019aa002-1d0e-7407-a0c5-5bfa8dd2be30",
+  "audience": {
+    "mode": "broadcast"
+  },
+  "dynamic_filter_keys": ["store_location"],
+  "properties": {
+    "store_location": {
+      "type": "string",
+      "required": true,
+      "example": "San Francisco"
+    },
+    "order_id": { "type": "string", "required": true, "example": "ORD-12345" },
+    "item_count": { "type": "number", "required": true, "example": 3 },
+    "pickup_time": { "type": "string", "required": false, "example": "2:30 PM" }
+  }
+}
+```
+## 3) Configure campaign in the console (API-triggered)
+- Set the campaign type to **API-Triggered**.
+- Build audience rules using `{{ trigger.* }}` for dynamic filters.
+- Use `{{ trigger.* }}` in message templates + deep links.
+See: `references/console-setup.md` for exact guidance and limitations.
+## 4) Implement backend trigger wrapper (best practices)
+Backend wrapper responsibilities:
+- **Auth**: load `X-Clix-Project-ID` and `X-Clix-API-Key` from
+  environment/secret store (never commit).
+- **Timeout**: set a short timeout (e.g., 3–10s) and fail fast.
+- **Retries**: retry only on transient failures (network/5xx), with backoff; do
+  not retry blindly on 4xx.
+- **Dedupe**: prevent double-sends in your system (e.g., unique key per order
+  event) since the API call is “send-like”.
+- **Logging**: log `campaign_id`, your correlation id (order id), and the Clix
+  response (e.g., `trigger_id`).
+Copy/paste examples:
+- Node: `examples/trigger-campaign-node.js`
+- Python: `examples/trigger-campaign-python.py`
+## 5) Validate the plan (fast feedback loop)
+Run:
+```bash
+bash <skill-dir>/scripts/validate-api-trigger-plan.sh .clix/api-trigger-plan.json
+```
+This validator checks:
+- valid JSON
+- `campaign_id` present
+- `dynamic_filter_keys` is ≤ 3 and snake_case
+- `properties` keys are snake_case and have valid types
+- example values match declared types
+- `targets` entries specify exactly one of `project_user_id` or `device_id`
+## 6) Verify (Clix + end-to-end)
+Minimum verification:
+- Campaign is **API-Triggered** and `campaign_id` matches.
+- If using dynamic audience filters, the `trigger.*` keys exist in the API call
+  and match audience rules exactly.
+- Trigger once with a known-good payload; confirm delivery + inspect Message
+  Logs for rendering errors.
+See `references/debugging.md`.
+## Progressive Disclosure
+- **Level 1**: This `SKILL.md` (always loaded)
+- **Level 2**: `references/` (load when implementing details)
+- **Level 3**: `examples/` (load when copy/pasting backend code)
+- **Level 4**: `scripts/` (execute directly; do not load into context)
+## References
+- `references/api-contract.md`
+- `references/console-setup.md`
+- `references/backend-patterns.md`
+- `references/security-and-keys.md`
+- `references/personalization-and-dynamic-filters.md`
+- `references/debugging.md`

package/skills/api-triggered-campaigns/examples/trigger-campaign-node.js ADDED Viewed

@@ -0,0 +1,62 @@
+/**
+ * Minimal Node.js example: trigger an API-triggered campaign.
+ *
+ * Requirements:
+ * - Node 18+ (fetch is available) OR replace with your HTTP client
+ * - Env vars:
+ *   - CLIX_PROJECT_ID
+ *   - CLIX_API_KEY
+ */
+const CLIX_PROJECT_ID = process.env.CLIX_PROJECT_ID;
+const CLIX_API_KEY = process.env.CLIX_API_KEY;
+if (!CLIX_PROJECT_ID || !CLIX_API_KEY) {
+  throw new Error("Missing CLIX_PROJECT_ID or CLIX_API_KEY");
+}
+async function triggerCampaign({ campaignId, audience, properties }) {
+  const url = `https://api.clix.so/api/v1/campaigns/${campaignId}:trigger`;
+  const res = await fetch(url, {
+    method: "POST",
+    headers: {
+      "X-Clix-Project-ID": CLIX_PROJECT_ID,
+      "X-Clix-API-Key": CLIX_API_KEY,
+      "Content-Type": "application/json",
+    },
+    body: JSON.stringify({
+      audience,
+      properties,
+    }),
+  });
+  const text = await res.text();
+  if (!res.ok) {
+    throw new Error(`Clix trigger failed (${res.status}): ${text}`);
+  }
+  return JSON.parse(text);
+}
+// Example usage
+async function main() {
+  const campaignId = "019aa002-1d0e-7407-a0c5-5bfa8dd2be30"; // replace
+  const payload = {
+    audience: { broadcast: true },
+    properties: {
+      store_location: "San Francisco",
+      order_id: "ORD-12345",
+      item_count: 3,
+      pickup_time: "2:30 PM",
+    },
+  };
+  const out = await triggerCampaign({ campaignId, ...payload });
+  console.log(out); // { trigger_id: "..." }
+}
+main().catch((e) => {
+  console.error(e);
+  process.exit(1);
+});

package/skills/api-triggered-campaigns/examples/trigger-campaign-python.py ADDED Viewed

@@ -0,0 +1,58 @@
+"""
+Minimal Python example: trigger an API-triggered campaign.
+Requirements:
+  pip install requests
+Env vars:
+  - CLIX_PROJECT_ID
+  - CLIX_API_KEY
+"""
+import json
+import os
+import sys
+from typing import Any, Dict
+import requests
+def trigger_campaign(*, campaign_id: str, audience: Dict[str, Any], properties: Dict[str, Any]) -> Dict[str, Any]:
+    project_id = os.environ.get("CLIX_PROJECT_ID")
+    api_key = os.environ.get("CLIX_API_KEY")
+    if not project_id or not api_key:
+        raise RuntimeError("Missing CLIX_PROJECT_ID or CLIX_API_KEY")
+    url = f"https://api.clix.so/api/v1/campaigns/{campaign_id}:trigger"
+    res = requests.post(
+        url,
+        headers={
+            "X-Clix-Project-ID": project_id,
+            "X-Clix-API-Key": api_key,
+            "Content-Type": "application/json",
+        },
+        json={"audience": audience, "properties": properties},
+        timeout=10,
+    )
+    if res.status_code >= 400:
+        raise RuntimeError(f"Clix trigger failed ({res.status_code}): {res.text}")
+    return res.json()
+def main() -> int:
+    out = trigger_campaign(
+        campaign_id="019aa002-1d0e-7407-a0c5-5bfa8dd2be30",  # replace
+        audience={"broadcast": True},
+        properties={
+            "store_location": "San Francisco",
+            "order_id": "ORD-12345",
+            "item_count": 3,
+            "pickup_time": "2:30 PM",
+        },
+    )
+    print(json.dumps(out, indent=2))
+    return 0
+if __name__ == "__main__":
+    sys.exit(main())

package/skills/api-triggered-campaigns/references/api-contract.md ADDED Viewed

@@ -0,0 +1,86 @@
+# Trigger Campaign API (Contract)
+This reference documents the backend API call used to trigger an API-triggered
+campaign.
+## Endpoint
+```
+POST https://api.clix.so/api/v1/campaigns/{campaign_id}:trigger
+```
+## Authentication headers (required)
+- `X-Clix-Project-ID`: your project id
+- `X-Clix-API-Key`: your **secret** API key (treat as a secret; never ship to
+  clients)
+- `Content-Type: application/json`
+## Request body
+Top-level:
+- `audience` (optional): targeting for this trigger
+- `properties` (optional): key-value map used for both audience +
+  personalization
+### Audience object
+- `broadcast` (boolean, optional): when true, send to all users eligible under
+  the campaign’s segment definition (ignores `targets`)
+- `targets` (array, optional): specific recipients to narrow to (still filtered
+  by the campaign’s segment definition)
+### Target object
+Each target should specify **exactly one**:
+- `project_user_id` (string)
+- `device_id` (string)
+## Properties (`trigger.*`)
+All keys in `properties` are available as `trigger.<key>` in:
+- **Audience rules** (dynamic filters):
+  `store_location == {{ trigger.store_location }}`
+- **Templates** (title/body/subtitle/deep links):
+  `Order #{{ trigger.order_id }}`
+Best practices:
+- Use **snake_case** keys.
+- Prefer **primitives** (string/number/boolean). Pre-format for display (e.g.,
+  send `"$29.99"` rather than `2999` if you want formatted output).
+- Avoid PII by default (email, phone, free-text entered by users).
+## Responses
+### 200 OK
+Returns a trigger identifier:
+```json
+{ "trigger_id": "5dbdd10e-6ea6-4ff7-836d-bd30a6d1a521" }
+```
+### 400 Bad Request
+Common causes:
+- missing/invalid `campaign_id`
+- malformed JSON body
+- campaign isn’t configured as API-triggered
+### 401 Unauthorized
+Common causes:
+- missing/invalid `X-Clix-Project-ID` or `X-Clix-API-Key`
+## Operational notes
+- Delivery is asynchronous; the API returns quickly with `trigger_id`.
+- Segment filtering is always applied:
+  - `broadcast=true`: sends to all users matching segment
+  - `targets=[...]`: sends only to targets who also match segment

package/skills/api-triggered-campaigns/references/backend-patterns.md ADDED Viewed

@@ -0,0 +1,84 @@
+# Backend Implementation Patterns
+This reference focuses on production-safe backend triggering:
+- auth
+- timeouts
+- retries
+- dedupe
+- logging
+## Recommended wrapper shape
+Implement a single function in your backend (service/module) that all call sites
+use:
+- input: `campaign_id`, `audience`, `properties`, `correlation_id`
+- output: `trigger_id` (or structured error)
+Centralizing this wrapper ensures consistent auth, timeouts, and error handling.
+## Secrets + configuration
+- Store secrets in your secret manager (or env vars on the server).
+- Use different keys per environment (dev/staging/prod).
+- Never send `X-Clix-API-Key` to mobile/web clients.
+Required environment variables (suggested names):
+- `CLIX_PROJECT_ID`
+- `CLIX_API_KEY`
+## Timeouts
+Always set a client-side timeout (example: 3–10 seconds). The API is “send-like”
+and should not block core request handling indefinitely.
+## Retries (safe defaults)
+Retry only when it’s plausibly transient:
+- network errors / timeouts
+- `5xx` responses
+Do **not** retry blindly on `4xx` (usually contract/auth issues).
+Use exponential backoff and cap total retry time.
+## Dedupe (prevent double-sends)
+Typical causes of duplicates:
+- message triggered by at-least-once job processing
+- retries at the application layer
+- replays after partial failures
+Best practice:
+- Define a stable dedupe key (e.g., `order_id + campaign_id`).
+- Store it for a short TTL (e.g., 24h) in Redis/DB to prevent re-sends.
+## Logging + observability
+Log:
+- `campaign_id`
+- your correlation id (order id / ticket id)
+- `audience` mode (broadcast/targets)
+- Clix response `trigger_id` on success
+- HTTP status + response body on failures (redact secrets)
+## Payload conventions
+- Prefer snake_case keys in `properties`.
+- Prefer primitives.
+- Pre-format display values (currency, duration, timestamps) if you want
+  consistent rendering.
+- Avoid free-text PII by default.
+## Examples
+See:
+- `examples/trigger-campaign-node.js`
+- `examples/trigger-campaign-python.py`

package/skills/api-triggered-campaigns/references/console-setup.md ADDED Viewed

@@ -0,0 +1,74 @@
+# Console Setup (API-Triggered Campaigns)
+This reference is for configuring the campaign **once** in the Clix console so
+your backend only needs to trigger with a small, stable payload.
+## 1) Create the campaign
+In the Clix console:
+1. Go to **Campaigns** → **Create Campaign**
+2. Choose your channel (push/in-app/email/etc.)
+3. In **Schedule & Launch**, select **API-Triggered**
+After saving, copy the `campaign_id`:
+- From the campaign details, or
+- From the URL: `.../campaigns/{campaign_id}`
+## 2) Dynamic audience filters (`trigger.*`)
+API-triggered campaigns support dynamic filtering where the **filter value**
+comes from the trigger payload (your API request).
+Example audience rule:
+```
+Group 1
+  user_role equals "store_staff"
+  AND
+  store_location equals {{ trigger.store_location }}
+```
+Then your backend passes:
+```json
+{
+  "properties": { "store_location": "San Francisco" }
+}
+```
+So delivery is limited to users matching:
+- static condition: `user_role == "store_staff"`
+- dynamic condition: `store_location == "San Francisco"`
+## 3) Limitations (design constraints)
+To keep on-demand filtering fast:
+- Keep audience definitions simple: **max 3 attributes**
+- Combine with **AND**/**OR** only within those constraints
+If you need complex targeting logic (many attributes, heavy joins), do it in
+your backend and use `audience.targets` for explicit recipients.
+## 4) Dynamic content (templates + deep links)
+Use `trigger.*` properties in templates:
+- Title: `New order at {{ trigger.store_name }}`
+- Body: `Order #{{ trigger.order_id }} from {{ trigger.customer_name }}`
+- Deep link: `myapp://orders/{{ trigger.order_id }}`
+Guidance:
+- For optional data, use defaults/guards so empty strings still read well.
+- Prefer pre-formatted values sent from backend (currency, durations, times).
+## 5) Verification checklist in console
+- Campaign type is **API-Triggered**
+- Audience rules reference `trigger.*` keys that your backend will send
+- Template preview renders correctly with a sample payload
+- Message Logs show no rendering errors after a test trigger

package/skills/api-triggered-campaigns/references/debugging.md ADDED Viewed

@@ -0,0 +1,77 @@
+# Debugging API-Triggered Campaigns
+Use this checklist when you triggered the API but users didn’t receive messages
+or templates rendered incorrectly.
+## 1) Confirm the campaign type and ID
+- Campaign is configured as **API-Triggered**
+- `campaign_id` in your backend call matches the console campaign
+## 2) Confirm auth headers
+- `X-Clix-Project-ID` is correct for the environment
+- `X-Clix-API-Key` is a valid **secret** key for that project
+- You are calling the correct base URL: `https://api.clix.so`
+If you see `401`, fix credentials first.
+## 3) Segment filtering is always applied
+Even with `broadcast=true`, only users matching the campaign’s segment
+definition are eligible.
+If you use `targets`, targeted users must still match the segment rules.
+## 4) Dynamic filters require exact keys
+If your audience rules reference `{{ trigger.store_location }}`, then your API
+call must include:
+```json
+{ "properties": { "store_location": "..." } }
+```
+Common failures:
+- key mismatch: `storeLocation` vs `store_location`
+- missing property
+- property value type mismatch (string vs number)
+## 5) Template rendering issues
+Check Message Logs in the console for:
+- missing variables
+- syntax errors in templates
+- unexpected empty strings
+Fix approach:
+- add `default` filters
+- add minimal guards for optional blocks
+- pre-format values in backend
+## 6) API errors
+- `400`: invalid/missing campaign id, malformed JSON, or campaign not
+  triggerable
+- `5xx`: transient server error (retry with backoff)
+## 7) Rate limits and retry storms
+If you trigger from high-volume workflows:
+- throttle upstream events
+- dedupe sends
+- add backoff on retries
+## 8) Minimal “known-good” test
+Trigger once with:
+- `broadcast=true`
+- a single dynamic filter key with a known-matching value
+- minimal properties used in template
+Then expand gradually (more properties, more audience constraints).

package/skills/api-triggered-campaigns/references/personalization-and-dynamic-filters.md ADDED Viewed

@@ -0,0 +1,54 @@
+# Personalization + Dynamic Filters (`trigger.*`)
+In API-triggered campaigns, your backend passes a `properties` map. These keys
+become available as `trigger.*` inside:
+- templates (title/body/subtitle)
+- deep links / URLs
+- audience rules (dynamic filtering)
+## Naming + stability
+- Use **snake_case** keys (`store_location`, `order_id`).
+- Keep keys stable over time; changing keys can break targeting and templates.
+## Missing data behavior
+If a property is missing, templates will often render it as an empty string.
+Design templates so they still read well.
+Suggested patterns:
+- Provide defaults: `{{ trigger.discount | default: "10%" }}`
+- Use guards/conditionals for optional blocks (keep logic minimal).
+## Pre-format values in backend
+Templates are not a full programming language. Prefer sending pre-formatted
+values:
+- send `"$29.99"` (string) rather than `2999` (number) if you want displayed
+  currency
+- send `"2:30 PM"` rather than raw timestamps if that’s what the message should
+  show
+## Dynamic audience filtering constraints
+Keep on-demand filtering fast:
+- max **3 attributes** per audience definition
+- use simple AND/OR combinations
+If you need complex targeting:
+- compute recipients in your backend
+- use `audience.targets` to specify recipients explicitly
+## Coordinate with event tracking and user properties
+For templates that depend on:
+- `user.*`: ensure your app sets user properties correctly (see
+  `clix-user-management`)
+- `event.*`: use event-triggered campaigns (see `clix-event-tracking`)
+- `trigger.*`: use this skill (API-triggered campaigns)

package/skills/api-triggered-campaigns/references/security-and-keys.md ADDED Viewed

@@ -0,0 +1,32 @@
+# Security & Key Handling
+API-triggered campaigns use secret credentials. Treat them like database
+passwords.
+## Which key is used here?
+The trigger endpoint uses:
+- `X-Clix-Project-ID`
+- `X-Clix-API-Key` (**Secret API Key**)
+Do not confuse this with mobile SDK public keys.
+## Rules (do this by default)
+- **Backend-only**: never expose the secret key in mobile/web apps.
+- **No source control**: do not commit keys in git (including examples).
+- **Use a secret store**: Vault / AWS Secrets Manager / GCP Secret Manager /
+  Doppler / 1Password CLI, etc.
+- **Rotate** keys periodically; rotate immediately if leaked.
+- **Separate environments**: dev/staging/prod should not share secret keys.
+## Logging
+- Never log request headers containing secrets.
+- If you log the payload for debugging, consider redacting sensitive properties.
+## Least privilege
+If Clix supports scoped keys in your environment, prefer keys limited to the
+required API calls.

package/skills/api-triggered-campaigns/scripts/validate-api-trigger-plan.sh ADDED Viewed

@@ -0,0 +1,159 @@
+#!/usr/bin/env bash
+#
+# Validate a Clix API-triggered campaign plan (api-trigger-plan.json).
+#
+# Usage:
+#   bash skills/api-triggered-campaigns/scripts/validate-api-trigger-plan.sh path/to/api-trigger-plan.json
+#
+# What it validates:
+# - JSON is valid
+# - campaign_id is present (string)
+# - dynamic_filter_keys is an array of <= 3 snake_case keys
+# - properties is a non-empty object with snake_case keys
+# - each property spec has a valid type and optional required/example/pii fields
+# - example value matches declared type (basic check)
+# - audience.mode is one of: broadcast | targets | default
+# - if audience.mode == targets: targets is a non-empty array and each entry has exactly one identifier (project_user_id or device_id)
+#
+set -euo pipefail
+plan_path="${1:-}"
+if [[ -z "$plan_path" ]]; then
+  echo "Usage: bash skills/api-triggered-campaigns/scripts/validate-api-trigger-plan.sh path/to/api-trigger-plan.json" >&2
+  exit 2
+fi
+if [[ ! -f "$plan_path" ]]; then
+  echo "Error: file not found: $plan_path" >&2
+  exit 2
+fi
+validate_with_python() {
+  python3 - "$plan_path" <<'PY'
+import json
+import re
+import sys
+path = sys.argv[1]
+snake = re.compile(r"^[a-z][a-z0-9_]*$")
+def is_primitive(v):
+  return isinstance(v, (str, int, float, bool)) or v is None
+with open(path, "r", encoding="utf-8") as f:
+  data = json.load(f)
+errors = []
+campaign_id = data.get("campaign_id")
+if not isinstance(campaign_id, str) or not campaign_id.strip():
+  errors.append("campaign_id must be a non-empty string")
+aud = data.get("audience", {})
+if aud is None:
+  aud = {}
+if not isinstance(aud, dict):
+  errors.append("audience must be an object if present")
+  aud = {}
+mode = aud.get("mode", "default")
+if mode not in ("broadcast", "targets", "default"):
+  errors.append("audience.mode must be one of: broadcast, targets, default")
+targets = aud.get("targets")
+if mode == "targets":
+  if not isinstance(targets, list) or not targets:
+    errors.append("audience.targets must be a non-empty array when audience.mode == 'targets'")
+  else:
+    for i, t in enumerate(targets):
+      if not isinstance(t, dict):
+        errors.append(f"audience.targets[{i}] must be an object")
+        continue
+      has_puid = isinstance(t.get("project_user_id"), str) and t.get("project_user_id").strip()
+      has_did = isinstance(t.get("device_id"), str) and t.get("device_id").strip()
+      if has_puid and has_did:
+        errors.append(f"audience.targets[{i}] must specify exactly one of project_user_id or device_id (not both)")
+      elif not has_puid and not has_did:
+        errors.append(f"audience.targets[{i}] must specify exactly one of project_user_id or device_id")
+else:
+  # If not targets mode, we ignore targets but still validate shape if provided
+  if targets is not None and not isinstance(targets, list):
+    errors.append("audience.targets must be an array if present")
+dfk = data.get("dynamic_filter_keys", [])
+if dfk is None:
+  dfk = []
+if not isinstance(dfk, list):
+  errors.append("dynamic_filter_keys must be an array if present")
+else:
+  if len(dfk) > 3:
+    errors.append("dynamic_filter_keys must contain at most 3 entries")
+  for i, k in enumerate(dfk):
+    if not isinstance(k, str) or not snake.match(k):
+      errors.append(f"dynamic_filter_keys[{i}] must be snake_case string")
+props = data.get("properties")
+if not isinstance(props, dict) or not props:
+  errors.append("properties must be a non-empty object")
+else:
+  for key, spec in props.items():
+    if not isinstance(key, str) or not snake.match(key):
+      errors.append(f"properties key '{key}' must be snake_case")
+    if not isinstance(spec, dict):
+      errors.append(f"properties['{key}'] must be an object")
+      continue
+    t = spec.get("type")
+    if t is None:
+      errors.append(f"properties['{key}'].type is required")
+      continue
+    if t not in ("string", "number", "boolean", "datetime"):
+      errors.append(
+        f"properties['{key}'].type must be one of: string, number, boolean, datetime"
+      )
+    req = spec.get("required")
+    if req is not None and not isinstance(req, bool):
+      errors.append(f"properties['{key}'].required must be boolean if present")
+    pii = spec.get("pii")
+    if pii is not None and not isinstance(pii, bool):
+      errors.append(f"properties['{key}'].pii must be boolean if present")
+    ex = spec.get("example")
+    if ex is not None:
+      if not is_primitive(ex):
+        errors.append(f"properties['{key}'].example must be a primitive (string/number/boolean/null)")
+      else:
+        if t == "string" and not isinstance(ex, str):
+          errors.append(f"properties['{key}'].example must be a string")
+        if t == "boolean" and not isinstance(ex, bool):
+          errors.append(f"properties['{key}'].example must be a boolean")
+        if t == "number":
+          # In Python, bool is a subclass of int; exclude it explicitly.
+          if isinstance(ex, bool) or not isinstance(ex, (int, float)):
+            errors.append(f"properties['{key}'].example must be a number")
+        if t == "datetime" and not isinstance(ex, str):
+          errors.append(f"properties['{key}'].example must be an ISO-8601 string")
+if errors:
+  print("❌ api-trigger-plan validation failed:")
+  for e in errors:
+    print(f"- {e}")
+  sys.exit(1)
+print("✅ api-trigger-plan validation passed")
+PY
+}
+if command -v python3 >/dev/null 2>&1; then
+  validate_with_python
+  exit 0
+fi
+echo "Warning: python3 not found; only checking JSON validity with node if available." >&2
+if command -v node >/dev/null 2>&1; then
+  node -e "JSON.parse(require('fs').readFileSync(process.argv[1], 'utf8')); console.log('✅ JSON is valid');" "$plan_path"
+  exit 0
+fi
+echo "Error: neither python3 nor node found; cannot validate." >&2
+exit 2