Digest
Ask anything about your vendors
Semantic search across every tracked announcement — get a direct answer, market context, and impact ratings in seconds.
Try asking about
Searching and generating analyst brief…
No results found — try a broader query or run backfill from Admin if items are missing
Direct Answer
Market Context
Vendor Analysis
Strategic Takeaway
Vendors
No vendors found
Markets
Define market scope to improve relevancy scoring and search quality.
User Management
Select at least one market — users must have access to at least one market.
✓ Invite sent to
No markets assigned — user sees nothing.
APNs is not configured — push notifications are unavailable.
No devices registered yet — open the iOS app on a physical device first.
No users have registered an iOS device yet.
Admin
APNS_KEY_ID, APNS_TEAM_ID, APNS_BUNDLE_ID, and APNS_KEY_CONTENT in Railway to enable.
-
Score ·
Platform Documentation
Architecture, dependencies, operations guide, and cost reference for support engineers.
Analyst Intelligence is a private market intelligence platform that automatically monitors vendor announcements across configurable markets, scores them for relevance, and delivers a daily AI-generated digest by email and iOS push notification. It is designed to be operated by a single administrator with a small number of invited iOS users.
The platform runs a nightly three-stage pipeline: ingestion (fetch RSS feeds and scrape vendor websites), processing (deduplicate, prefilter, and score each item with Claude AI), and digest (compile, summarize, and deliver). Users access content via a web dashboard (API key auth) or the native iOS app (email/password JWT auth).
┌──────────────────────────────────────────────────────────────────┐
│ RAILWAY (Cloud Host) │
│ │
│ ┌──────────────────────────┐ ┌────────────────────────────┐ │
│ │ FastAPI + Uvicorn │ │ PostgreSQL (Railway DB) │ │
│ │ (Python 3.12) │◄──► 14 tables, ORM via │ │
│ │ │ │ SQLAlchemy 2.0 │ │
│ │ ┌────────────────────┐ │ └────────────────────────────┘ │
│ │ │ APScheduler │ │ │
│ │ │ 02:00 Ingestion │ │ ┌────────────────────────────┐ │
│ │ │ 04:00 Processing │ │ │ Static Files │ │
│ │ │ HH:MM Digest │ │ │ dashboard.html │ │
│ │ └────────────────────┘ │ │ about / support / privacy│ │
│ └──────────────────────────┘ └────────────────────────────┘ │
└──────────────────────────────────────────────────────────────────┘
│ │ │
▼ ▼ ▼
┌─────────────┐ ┌──────────────┐ ┌──────────────────┐
│ Anthropic │ │ Resend │ │ Apple APNs │
│ Claude API │ │ Email API │ │ Push Service │
│ (Haiku) │ │ │ │ │
└─────────────┘ └──────────────┘ └──────────────────┘
▲ ▲
│ │
┌──────────────────┐ ┌────────────────────┐
│ Web Dashboard │ │ iOS App │
│ Alpine.js + │ │ SwiftUI │
│ Tailwind CSS │ │ JWT + Keychain │
│ (API Key auth) │ │ (email/pw auth) │
└──────────────────┘ └────────────────────┘
Framework & Server
FastAPI 0.115.5 served by Uvicorn 0.32.1 (ASGI, HTTP/2). Entry point: backend/app/main.py. On startup the app initialises the database schema, starts APScheduler, and registers all API routers.
Database
PostgreSQL via SQLAlchemy 2.0 ORM (psycopg2-binary driver). Schema management uses idempotent SQL fixups that run on every startup — no Alembic migrations. Connection pool: size 5, max overflow 10.
Authentication
Web dashboard: static X-API-Key header matched against the API_KEY environment variable using hmac.compare_digest() (timing-safe).
iOS app: JWT Bearer token (HS256, 30-day expiry) issued on email + password login. Password hashed with bcrypt. One-time invite and reset codes stored as SHA-256 hashes in auth_tokens. Signature and expiry are explicitly enforced on every decode. All auth events (login, activation, password reset — success and failure) are logged with the source IP address. The JWT_SECRET is validated at startup; the server refuses to start if it is still the placeholder default.
Security Hardening
CORS: Locked to https://www.analystintelligence.ai with an explicit allowlist of methods (GET POST PATCH DELETE) and headers. The iOS app communicates via Authorization: Bearer directly and is unaffected by browser CORS.
HSTS: Every response includes Strict-Transport-Security: max-age=31536000; includeSubDomains. After one visit, browsers permanently refuse to connect over plain HTTP.
Error messages: Internal infrastructure details (platform names, environment variable names, exception text) are logged server-side only. HTTP error responses return generic messages.
Additional hardening (April 2026): Auth endpoints are rate-limited via slowapi (login: 5/15 min; forgot-password: 3/hr; set-password: 10/hr; reset-password: 5/hr). The web dashboard JWT is stored in an httpOnly SameSite=Lax cookie — no longer in localStorage — eliminating XSS token theft. Admin routes use a centralized require_admin dependency. POST /auth/logout clears the cookie server-side. JWT lifetime shortened to 7 days (was 30) to reduce the exposure window from stolen tokens. Password policy raised to 12+ characters with uppercase, lowercase, digit, and special character required. Vendor and source URLs are validated to only accept http:// or https:// schemes on create/update. User role is now read from the server via GET /auth/me on every page load — auth_role is no longer stored in localStorage, eliminating the ability to escalate the visible UI role by editing browser storage. The iOS app is unaffected — it continues to use Authorization: Bearer headers with tokens stored in Keychain. Remaining known risks: no server-side JWT revocation (a revoked token remains valid until its 7-day expiry); no TOTP/2FA.
Scheduler (APScheduler 3.10.4)
misfire_grace_time — if the service restarts within 30 minutes of the scheduled time the job fires immediately on startup. Email recipients are derived from user accounts — admin users receive every market's digest; role=user accounts receive only the markets in their access list. Only active users who have completed account setup (password set) are included. No separate email list is maintained.
AI Usage (Claude Haiku for processing & summaries · Claude Sonnet for search)
Each passing item is sent to Claude with its title, first 600 characters of content, vendor name, and market context. Claude returns a JSON payload with: relevance_score (0–100), category, headline (≤15 words), summary (2–3 sentences), why_it_matters (1 sentence), and confidence. Calibrated with few-shot examples drawn from user thumbs-up/down feedback. Max 512 output tokens.
Generated once per digest at compile time, stored in the digests.exec_summary column. Claude receives the top-scored items grouped by vendor and writes a ≤250-word analyst brief with vendor names bolded and one paragraph per vendor. Included in email, web dashboard, and iOS app.
Optional. Uses Claude Sonnet (claude-sonnet-4-6) rather than Haiku — the richer synthesis across many results benefits from the stronger model. When a user submits a search query with summarize=true, the top 12 results are sent to Claude which returns a structured AnalystBrief: direct_answer, market_context, per-vendor vendor_analyses with impact ratings, and strategic_takeaway. 90-second timeout. Requires OPENAI_API_KEY for embeddings.
Python Dependencies
| Package | Version | Purpose |
|---|---|---|
Single-page application served as a static HTML file (backend/app/static/dashboard.html). No build step — all dependencies loaded from CDN.
Lightweight reactive framework. All state lives in a single app() function. No build tooling or bundler required.
Utility-first CSS. Dark mode enabled via darkMode: 'class'. The .dark class is applied to the authenticated app container and each modal individually (not <html>), keeping the login page permanently light. Toggle preference stored in localStorage. All type="date" inputs require explicit dark:bg-slate-700 dark:text-gray-100 classes — the browser's native date picker does not inherit color-scheme automatically from Tailwind.
Primary typeface. Loaded from fonts.googleapis.com. Free, no API key required.
API key entered at login; verified against GET /markets/ before granting access. Stored in memory only (no persistence after refresh).
Tabs
Native SwiftUI app (ios/AnalystIntelligence/). No third-party Swift packages — uses only Apple system frameworks (Foundation, UIKit, SwiftUI, UserNotifications, Security). Requires iOS 16+ and an Apple Developer account for distribution.
Authentication Flow
Admin registers user via the web dashboard → system emails an 8-character invite code → user opens app, enters invite code + sets password → POST /auth/set-password returns JWT → token stored in iOS Keychain → all API calls include Authorization: Bearer <token>. JWTs expire after 30 days; user must re-login.
Key Files
| File | Purpose |
|---|---|
Push Notifications (APNs)
Device tokens registered via POST /devices/register on every app launch. Digest job pushes via Apple APNs using HTTP/2 + JWT authentication (requires APNS_KEY_ID, APNS_TEAM_ID, APNS_BUNDLE_ID, APNS_KEY_CONTENT).
Set APNS_SANDBOX=true for Xcode debug builds; false for TestFlight/App Store. When switching environments, use Admin → Clear Device Tokens to purge stale registrations.
Iterates all active vendor_sources rows. RSS sources parsed with feedparser (24-hour lookback). Blog and press scrape sources use Playwright to load the page, then BeautifulSoup to extract article links. Each new URL is stored as a RawItem with a URL hash for deduplication. Source failure counts are incremented on error and reset on success.
Unprocessed RawItems pass through three gates: (a) fuzzy dedup — rapidfuzz title similarity against recent items; (b) keyword prefilter — rejects job postings, award announcements, speaking engagements, and customer case studies; (c) LLM analysis — Claude Haiku scores relevance (0–100) and generates headline, summary, why-it-matters, and category. Items scoring at or above the Relevance Threshold are flagged in_digest=true.
Groups in_digest=true items by market and date. Items scoring ≥ Top Story Threshold appear under "Top Stories"; items between the two thresholds appear under "Also Noted". Claude generates a per-market executive summary stored in digests.exec_summary. Compilation is idempotent — re-running does not regenerate the exec summary if it already exists.
HTML digest email rendered per market and sent via Resend to configured recipients. Apple APNs push sent to all registered device tokens. Both delivery methods record a sent_at timestamp on the Digest row.
Scoring Thresholds
Both thresholds are configurable in Admin → Configuration. Default: Relevance = 45, Top Story = 70.
Set in Railway's Variables panel (or a local .env file for development). Changes require a service redeploy to take effect, except for digest time/timezone which can be updated live via the admin settings API.
Required
| Variable | Description |
|---|---|
Optional
| Variable | Default | Description |
|---|---|---|
The platform is hosted on Railway. The repository root contains a backend/railway.toml that Railway reads automatically.
Nixpacks — auto-detects Python, installs requirements.txt, runs Playwright browser install.
uvicorn app.main:app --host 0.0.0.0 --port $PORT
GET /health — returns {"status":"ok"}. 30-second timeout. Railway restarts on failure (max 3 retries).
SQLAlchemy create_all() + manual fixups run on every startup. Safe to redeploy at any time.
iOS Build
Before building in Xcode, update the backend URL in ios/AnalystIntelligence/Config.swift. No Swift Package Manager dependencies — standard library only. Requires an active Apple Developer account ($99/year) for distribution via TestFlight or the App Store.
When switching between sandbox (Xcode) and production (TestFlight) APNs environments, clear all device tokens from Admin → Test & Notifications → Clear Device Tokens to avoid silent delivery failures.
Adding a Vendor
Go to Vendors → Add Vendor. Enter the name, website URL, and select the market. Then expand the vendor row and add at least one Feed Source. RSS and Release Notes are the most reliable source types — both fetch a standard RSS/Atom feed URL. Blog Scrape and Press Release Scrape use Playwright and require a URL pointing to the index page, not an individual post. Monitor the source health dot (green = healthy, red = one or more failures).
Running the Pipeline Manually
In Admin → Pipeline & Jobs, run steps in order: Ingestion → Processing → Digest. Each button is disabled while the job is running. Use "Run Full Pipeline" to run all three in sequence. After ingestion, check source health for any newly-failed sources before proceeding.
Resending a Digest
Send Digest automatically resets before compiling — it deletes any existing digest rows for the selected date and clears in_digest flags so items are re-evaluated from scratch. Simply pick a date and click Send Digest; no manual reset step is needed.
Adding an iOS User
Go to Admin → Authorized Users → Register. Enter the user's email and role (Admin or User). If Role = User, select which markets they can access. The system emails an invite code to the address. The user opens the iOS app, taps "First time? Set up your account", enters the code and chooses a password. Invite codes expire after 7 days; use Resend Invite if needed.
Adjusting Relevance Thresholds
In Admin → Configuration: Relevance Threshold is the floor — items below this score are excluded from the digest entirely. Top Story Threshold determines the cut between "Top Stories" and "Also Noted" — must be set higher than the relevance threshold. Changes apply to new digest compilations; reset and recompile a date's digest to apply retroactively.
Market Context
Go to Markets and expand a market to edit its AI context fields: Market Definition (what the market is), Market Purpose (why users care), Mandatory Features (required product capabilities), Optional Features (nice-to-have capabilities). These fields are injected directly into the Claude prompt for every item in that market — better context = more accurate relevance scoring.
Semantic Search Setup
Search requires an OpenAI API key (OPENAI_API_KEY environment variable). After setting the key and redeploying, run Admin → Backfill Embeddings once to generate vectors for all existing processed items. New items are embedded automatically during the processing job.
Estimates based on a typical deployment monitoring ~20 vendors across 2 markets, processing ~50 items per day, with 2–3 iOS users. Prices as of mid-2025 — verify current pricing with each provider.
| Service | Purpose | Pricing Model | Est. Monthly | Paid? |
|---|---|---|---|---|
| Estimated Total | ~$26 – $44 / mo | |||
Changelog
A plain-English record of what has changed in each release, newest first.
Fixed FK violation in Dedup Cleanup — digest item rows referencing processed items are now deleted first before the processed items themselves, preventing the constraint error on cleanup runs.
Added Release Notes as a new vendor source type. Works identically to RSS — point it at a vendor's changelog RSS/Atom feed and it will be ingested and scored alongside blog posts and press releases. Release Notes sources show a distinct amber badge in the source health panel and vendor list.
Full Run now truly waits for each pipeline step to finish on the backend before starting the next — previously the step sequence was fire-and-forget. The digest step in Full Run always targets today's date and auto-resets the existing digest before recompiling. Fatal errors in any background job (ingestion, processing, digest) now trigger an immediate alert email to the admin.
Send Digest now auto-resets before compiling, so there's no longer a need to click Reset Digest first. The Reset Digest button has been removed from the admin panel. The backend deletes any existing digest rows for the target date and clears in_digest flags before recompiling, making every Send Digest idempotent.
Fixed scraper process exhaustion on Railway. Blog and press scrape sources were each launching a fresh Chromium browser process, hitting the container's process limit (EAGAIN) after a handful of sources. The ingestion pipeline now launches a single shared browser once per run and routes all scrape sources through it sequentially, reducing Chromium process spawns from N (one per source) to 1.
iOS feedback submission. A feedback button (conversation icon) in the Vendors tab toolbar opens a native sheet with subject and message fields. Submitting POSTs to POST /app-feedback with source: "ios", shows a success confirmation, and appears alongside all other submissions in the web admin Feedback tab.
Vendor CSV export. A new Export CSV button in the Vendors tab opens a market selection dialog pre-populated with all markets you have access to. After confirming your selection the browser downloads a vendors.csv file containing each vendor's market, name, website, and all configured feed sources (one row per source).
User feedback system. Any authenticated user can submit platform feedback (bug reports, feature requests, questions) via a new modal accessible from the sidebar on web and from the iOS app. Submissions are stored in the database with submitter info and status tracking. Admins get a new Feedback tab with a full list of all submissions, the ability to update status (Open / In Progress / Resolved), add internal notes, and reply to users directly by email. Replying automatically marks the item Resolved. Support page updated with JWT sign-in instructions, expanded FAQs, and App Store link.
Public marketing home page at analystintelligence.ai. Elegant dark hero design, AI + human intelligence partnership framing, feature highlights, and "by invitation, free" access messaging. Updated About page with Tom Cipolla's professional biography, career timeline, expertise areas, LinkedIn and contact links. No tech-stack disclosure on public pages.
Full mobile phone responsive layout. On small screens the sidebar hides and a bottom tab bar appears with Search, Feed, Digest, Vendors, and Admin. A compact top header shows the current section. Content padding, the Admin pipeline grid, and filter bars all reflow cleanly at phone width. Tablet and desktop layouts are unchanged.
Fixed iOS (and web) showing no digest for today's date. Digests were being stored under yesterday's date instead of the generation date, so requesting today always returned 404. The digest job now files entries under the date it runs. Added a graceful API fallback so that requesting today before the digest job completes returns the most recent available digest instead of a hard 404.
Added "Legal & Privacy" section to the left nav. Includes quick links to the Privacy Policy, Support, and About pages; a Hosting & Infrastructure table; and a Data Processing Agreement stating that user data will never be sold or used outside the application.
Pipeline last-ran timestamps now persist to the database and survive server restarts and deployments. Previously, "Last ran" on the Admin page would reset to "—" after every deploy.
Each pipeline step on the Admin page now shows its scheduled run time, when it last ran, and when it will run next — all displayed in your local timezone. Last-ran times are now also tracked for jobs that run automatically on the schedule, not just those triggered manually.
Added a refresh button to the Changelog page. Since changelog entries are part of the application itself, the button reloads the page so the latest entries are reflected without manually refreshing the browser.
Added refresh buttons to the Digest, Vendors, and Markets pages so you can reload data without navigating away or doing a full page reload. Feed already had one; the button style is consistent across all tabs.
The executive summary in each newsletter is now shorter and punchier — one sentence per vendor, under 80 words total, focused on the single most important headline. On quiet days with no notable updates, the summary now says so explicitly rather than being omitted from the email entirely.
Added a Re-embed All button in Admin → Semantic Search. Use this after an embedding model upgrade to clear and regenerate all stored vectors. The existing button is now labelled Backfill New and continues to handle routine catch-up of items missing embeddings.
Deleting a vendor now permanently removes it and all associated data (sources, raw items, processed items, digest entries). Previously, deleted vendors would reappear after a page reload because the system was only marking them inactive rather than removing them.
Fixed a deployment failure on Railway that prevented the rate-limiting feature from loading, causing the application to crash on startup. The build process now guarantees all dependencies are installed even when the build cache is stale.
Migrated semantic search from OpenAI's text-embedding-3-small (deprecated October 2026) to text-embedding-3-large. Search quality improves with the upgrade. After this deployment, run Admin → Backfill Embeddings once to regenerate stored vectors — existing search results will be degraded until the backfill completes.
Vendor cards now show the correct source count immediately when you add or remove a feed source — no page reload needed. You can now also change which market a vendor belongs to directly from the Edit Vendor screen. A new Changelog tab was added to the bottom of the navigation panel so releases are easy to review.
Session tokens now expire after 7 days instead of 30, reducing the window of exposure if a token is ever stolen. Password requirements were strengthened — passwords must now be at least 12 characters and include uppercase, lowercase, a number, and a special character. Feed source and vendor website URLs are now validated to block invalid schemes. The user role shown in the sidebar is now verified directly with the server on every page load rather than being read from browser storage, preventing anyone from faking admin access in the interface.
Login and password reset endpoints now enforce automatic lockouts after repeated failed attempts, preventing brute-force attacks. After signing in on the web dashboard, your session token is now stored in a secure browser cookie that JavaScript cannot read — eliminating a class of attacks where malicious content could steal your login. Admin-only features are now protected by a single centralised check rather than scattered guards, making it easier to maintain consistently. Signing out now immediately invalidates the session on the server.
Fixed a crash that prevented the Digest view from loading. Navigating to a specific date's digest would fail with an error; it now loads correctly.
Completed a full security review of the platform. Hardened the application against common web attacks: locked down which websites can communicate with the API, enforced HTTPS-only connections, strengthened how login tokens are validated, masked internal error details from being visible in the browser, and ensured all API key checks are resistant to timing-based guessing attacks. All authentication events (successful and failed) now record the source IP address for audit purposes.
Added a User Management section for administrators. You can now see when each user last logged in, whether they have the iOS app installed, and the date they registered their device. Added the ability to send a push notification directly to a specific user's device, as well as a broadcast tool to send a custom notification to all users or a selected subset.
New users can now activate their account directly from the sign-in screen using the invite code sent to them by email. Previously this step was only accessible from the iOS app. The invite email now includes a direct link to the platform for easier onboarding.
The Top Story relevance threshold is now configurable from the Admin panel without needing a code change. Digest email recipients are now drawn from the registered user list rather than a hardcoded email address. Improved the user registration flow with a confirmation message on success. Fixed a visual issue with date inputs in dark mode. Added a documentation tab for administrators covering the full platform architecture.
Initial web dashboard and iOS backend launch. Includes feed monitoring across multiple markets and vendors, daily digest email delivery, the search feature with AI-generated analyst briefs, user authentication with invite-based onboarding, and iOS push notifications.
Initial platform build. Core pipeline established: vendor source monitoring, RSS and web scraping, AI-based relevance scoring, and digest compilation. Deployed to Railway.
User Feedback
Review, respond to, and track feedback submitted by all users.
No feedback submissions yet.
Admin Notes
Reply to Feedback
Sending email to
After sending, the feedback will automatically be marked as Resolved.
Legal & Privacy
Policies, hosting details, and your data rights.
All application data and processing takes place on the following platforms. No data leaves this infrastructure except as described in the Privacy Policy.
This Data Processing Agreement ("DPA") describes how Analyst Intelligence ("the service," "we") processes data provided by or generated on behalf of authorized users ("you," "the user"). It applies to all data submitted to, stored in, or processed by the service.
We will not sell, rent, license, or otherwise transfer your data or any data generated through your use of the service to any third party for commercial purposes. Your data is not an asset that changes hands in any transaction involving the service.
Data collected through the service — including vendor intelligence content, user accounts, feedback signals, device tokens, and email addresses — is used exclusively to operate and improve the service for you. It is not used for advertising, cross-service profiling, or any purpose outside the functionality described in the application.
The service uses the sub-processors listed in the Hosting & Infrastructure section above to deliver its functionality. Data is shared with these services only to the extent necessary for the specific function they perform (e.g., AI analysis, email delivery). All sub-processors are required under their own terms not to use your data for purposes beyond the service call.
All data in transit is encrypted via TLS. Data at rest is stored in a private, non-publicly-accessible PostgreSQL database. Access requires authentication credentials that are never stored in plain text.
Users may request deletion of their account and associated data at any time by contacting the administrator. Vendor intelligence content (items, digests) is retained to support the historical search and digest features; individual user data (account, feedback, device tokens) is deleted promptly upon request.
Questions about this agreement or data practices can be directed to [email protected].