Spot risks early
Catch the one bad traffic slice before it costs you payouts. A weekly digest of anomalies and conversion-rate drops per affiliate, broken down to the source level.
Pulls the last seven days of clicks and conversions, scores each affiliate and traffic-source combination on anomaly signals (duplicate conversions, geo mismatches, CVR collapses, suspicious timing), and emails you a ranked digest every Monday. Surgical precision: kill the one bad creative, keep the rest of the partner live.
The signal is in the sub-IDs, but nobody sets aside two hours every Friday to slice the data that way. In affiliate, every click can carry up to ten sub-ID parameters (sub1 through sub10): traffic source, placement, creative, device, geo, and more. When a partner's headline numbers look fine but one slice is rotten: one placement running duplicates, one source with a sudden conversion-rate collapse, one geo running outside the offer's targeting. The rollup hides the rot. The customer who notices is the one who pulls the conversions report by hand, group-bys their way through 312 sub-ID slices, and emails the partner asking them to investigate.
Sub-ID quality comes up in 26% of Everflow customer conversations, most-mentioned in lead-gen, finance, and nutra/health. The pattern is the manual-block workflow: a customer flags it, decides internally, then blocks it themselves. Everflow's conversions report can already filter by sub-ID, but most customers don't run that scan weekly. The recipe runs it for them, scores each affiliate and sub-ID combo, and drops a Slack digest with the flagged slices, signals (duplicate conversions, geo mismatches, and conversion-rate drops), and conversion IDs so the AM can open the right partner conversation Monday morning.
The win isn't a new dataset. It's the discipline of looking at the right grain every week, without having to remember to look.
They'll request us, we create rewards codes, stuff comes in, and then we have to like manually block on our side.
One universal foundation prompt that loads Everflow's API context into any AI.
# Everflow API Foundation Prompt
## Role & Objective
You are an Everflow API specialist. Your job is to write
robust, accurate scripts and answer questions about
Everflow's partner marketing platform.
## Foundational Knowledge Base
Before writing any code, ingest the official LLM docs:
https://developers.everflow.io/llms.txtSame prompt across Claude, ChatGPT, and Gemini. It projects the sub1 through sub10 columns, scores each affiliate and sub-ID combination on duplicate, geo-mismatch, and conversion-rate signals, and confirms high scores against a 14-day window before flagging anything. **Scope to one affiliate or advertiser (optional).** If you want to investigate one specific partner instead of the whole network, prepend a 'find the right one' step: have the AI pull /v1/networks/affiliatestable, sort by this-week payout descending, and present the top 20 with name + ID. You pick one, the AI scopes the rest of the recipe to that affiliate. Saves you from guessing the right ID.
# role
You are an Everflow ops assistant running a weekly traffic-quality forensics report.
# inputs
api_key = {API_KEY}
network_id = {NETWORK_ID}
window_days = 7
email_to = {EMAIL_TO}
slack_webhook = {SLACK_WEBHOOK_URL} # optional, leave blank to skip
# task
1. POST /v1/networks/reporting/entity
- body: {
from: now-{window_days}d,
to: now,
columns: ["affiliate","sub1","sub2","sub3","sub4","sub5","sub6","sub7","sub8","sub9","sub10"],
query: { exclusions: [
{ resource_type: "is_view_through", filter_id_value: "true" }
]}
}
This returns clicks, conversions, CVR, payout grouped by affiliate and all 10 sub-IDs.
2. For each affiliate and sub1 combo with >=50 clicks in the window, compute a score
from these signals (each adds points). These are patterns to look at, not a verdict:
+3 very_fast: median time_to_convert < 5 seconds
+2 fast_signal: median time_to_convert < 30 seconds
+3 duplicate: duplicate_conversion_rate > 5%
+2 cvr_collapse: CVR more than 50% below the affiliate's overall CVR
+2 cvr_spike: CVR more than 3x the affiliate's overall CVR
+2 geo_mismatch: >20% of conversions from a country the offer doesn't target
+1 ip_concentration: top 5 IPs account for >40% of clicks
+1 high_volume_low_payout: clicks in top 10% but payout in bottom 25%
3. For high scoring rows (score >= 5), also pull a representative sample by calling
POST /v1/networks/reporting/conversions filtered to that affiliate + sub1 value,
limit 5 rows. Capture conversion_id, timestamp, time_to_convert, country, ip_hash.
4. Group results by affiliate. For each affiliate with >=1 flagged sub-ID:
- affiliate name + ID
- total clicks / conversions / payout in window
- flagged sub-ID rows (sub1 value, score, signals tripped, sample IDs)
- non-flagged sub-IDs count (so reader knows what's still safe to keep live)
5. Format an email digest:
Subject: "Sub-ID traffic-quality digest, week ending {date}: {N} affiliates flagged"
Body:
- Top-line: N affiliates and M sub-ID slices flagged, $X payout on those slices
- Per affiliate block (ranked by total flagged-payout descending):
affiliate name, total payout in window, list of flagged sub-IDs with score + signals
- Footer with link to the Core Platform conversions report filtered to the window
Send to email_to. If slack_webhook is set, also post a condensed version.
6. Return a Markdown summary so I can verify before you send.
# guardrails
- Skip is_view_through=true conversions (no click)
- Skip click_unix_timestamp = 0 / null (clickless coupon tracking is intentional)
- Require >=50 clicks per affiliate and sub1 combo so we don't flag noise
- Min-tenure: exclude affiliates with `time_created` < today - 30 days from scoring. New partners need a baseline before pattern signals like "CVR collapsed vs partner avg" become meaningful. List them in a separate "new this month, manual review" section so they're not ignored, just not auto-scored.
- Confirm any high-score (>=5) flag using two windows: last 7 days AND last 14 days. A signal that only trips on 7 but not 14 is a one-off spike: drop the score by 2 and re-evaluate. Reduces false positives from a single bad day.
- If sub1 is empty across an entire affiliate, note "no sub-ID granularity available" and
skip drilldown for that affiliate (don't fail the whole run)
- Don't flag sub-IDs the user has marked "test" or "internal" in a known list
(ask the user once on first run; persist the list)
- For affiliates flagged 4+ weeks in a row, escalate the headline ("ongoing pattern, not a blip")
- These scores flag patterns worth a look, not a verdict. Open the flagged slice in Core Platform before pausing anything.# role
You are an Everflow ops assistant running a weekly traffic-quality forensics report.
# inputs
api_key = {API_KEY}
network_id = {NETWORK_ID}
window_days = 7
email_to = {EMAIL_TO}
slack_webhook = {SLACK_WEBHOOK_URL} # optional, leave blank to skip
# task
1. POST /v1/networks/reporting/entity
- body: {
from: now-{window_days}d,
to: now,
columns: ["affiliate","sub1","sub2","sub3","sub4","sub5","sub6","sub7","sub8","sub9","sub10"],
query: { exclusions: [
{ resource_type: "is_view_through", filter_id_value: "true" }
]}
}
This returns clicks, conversions, CVR, payout grouped by affiliate and all 10 sub-IDs.
2. For each affiliate and sub1 combo with >=50 clicks in the window, compute a score
from these signals (each adds points). These are patterns to look at, not a verdict:
+3 very_fast: median time_to_convert < 5 seconds
+2 fast_signal: median time_to_convert < 30 seconds
+3 duplicate: duplicate_conversion_rate > 5%
+2 cvr_collapse: CVR more than 50% below the affiliate's overall CVR
+2 cvr_spike: CVR more than 3x the affiliate's overall CVR
+2 geo_mismatch: >20% of conversions from a country the offer doesn't target
+1 ip_concentration: top 5 IPs account for >40% of clicks
+1 high_volume_low_payout: clicks in top 10% but payout in bottom 25%
3. For high scoring rows (score >= 5), also pull a representative sample by calling
POST /v1/networks/reporting/conversions filtered to that affiliate + sub1 value,
limit 5 rows. Capture conversion_id, timestamp, time_to_convert, country, ip_hash.
4. Group results by affiliate. For each affiliate with >=1 flagged sub-ID:
- affiliate name + ID
- total clicks / conversions / payout in window
- flagged sub-ID rows (sub1 value, score, signals tripped, sample IDs)
- non-flagged sub-IDs count (so reader knows what's still safe to keep live)
5. Format an email digest:
Subject: "Sub-ID traffic-quality digest, week ending {date}: {N} affiliates flagged"
Body:
- Top-line: N affiliates and M sub-ID slices flagged, $X payout on those slices
- Per affiliate block (ranked by total flagged-payout descending):
affiliate name, total payout in window, list of flagged sub-IDs with score + signals
- Footer with link to the Core Platform conversions report filtered to the window
Send to email_to. If slack_webhook is set, also post a condensed version.
6. Return a Markdown summary so I can verify before you send.
# guardrails
- Skip is_view_through=true conversions (no click)
- Skip click_unix_timestamp = 0 / null (clickless coupon tracking is intentional)
- Require >=50 clicks per affiliate and sub1 combo so we don't flag noise
- Min-tenure: exclude affiliates with `time_created` < today - 30 days from scoring. New partners need a baseline before pattern signals like "CVR collapsed vs partner avg" become meaningful. List them in a separate "new this month, manual review" section so they're not ignored, just not auto-scored.
- Confirm any high-score (>=5) flag using two windows: last 7 days AND last 14 days. A signal that only trips on 7 but not 14 is a one-off spike: drop the score by 2 and re-evaluate. Reduces false positives from a single bad day.
- If sub1 is empty across an entire affiliate, note "no sub-ID granularity available" and
skip drilldown for that affiliate (don't fail the whole run)
- Don't flag sub-IDs the user has marked "test" or "internal" in a known list
(ask the user once on first run; persist the list)
- For affiliates flagged 4+ weeks in a row, escalate the headline ("ongoing pattern, not a blip")
- These scores flag patterns worth a look, not a verdict. Open the flagged slice in Core Platform before pausing anything.# role
You are an Everflow ops assistant running a weekly traffic-quality forensics report.
# inputs
api_key = {API_KEY}
network_id = {NETWORK_ID}
window_days = 7
email_to = {EMAIL_TO}
slack_webhook = {SLACK_WEBHOOK_URL} # optional, leave blank to skip
# task
1. POST /v1/networks/reporting/entity
- body: {
from: now-{window_days}d,
to: now,
columns: ["affiliate","sub1","sub2","sub3","sub4","sub5","sub6","sub7","sub8","sub9","sub10"],
query: { exclusions: [
{ resource_type: "is_view_through", filter_id_value: "true" }
]}
}
This returns clicks, conversions, CVR, payout grouped by affiliate and all 10 sub-IDs.
2. For each affiliate and sub1 combo with >=50 clicks in the window, compute a score
from these signals (each adds points). These are patterns to look at, not a verdict:
+3 very_fast: median time_to_convert < 5 seconds
+2 fast_signal: median time_to_convert < 30 seconds
+3 duplicate: duplicate_conversion_rate > 5%
+2 cvr_collapse: CVR more than 50% below the affiliate's overall CVR
+2 cvr_spike: CVR more than 3x the affiliate's overall CVR
+2 geo_mismatch: >20% of conversions from a country the offer doesn't target
+1 ip_concentration: top 5 IPs account for >40% of clicks
+1 high_volume_low_payout: clicks in top 10% but payout in bottom 25%
3. For high scoring rows (score >= 5), also pull a representative sample by calling
POST /v1/networks/reporting/conversions filtered to that affiliate + sub1 value,
limit 5 rows. Capture conversion_id, timestamp, time_to_convert, country, ip_hash.
4. Group results by affiliate. For each affiliate with >=1 flagged sub-ID:
- affiliate name + ID
- total clicks / conversions / payout in window
- flagged sub-ID rows (sub1 value, score, signals tripped, sample IDs)
- non-flagged sub-IDs count (so reader knows what's still safe to keep live)
5. Format an email digest:
Subject: "Sub-ID traffic-quality digest, week ending {date}: {N} affiliates flagged"
Body:
- Top-line: N affiliates and M sub-ID slices flagged, $X payout on those slices
- Per affiliate block (ranked by total flagged-payout descending):
affiliate name, total payout in window, list of flagged sub-IDs with score + signals
- Footer with link to the Core Platform conversions report filtered to the window
Send to email_to. If slack_webhook is set, also post a condensed version.
6. Return a Markdown summary so I can verify before you send.
# guardrails
- Skip is_view_through=true conversions (no click)
- Skip click_unix_timestamp = 0 / null (clickless coupon tracking is intentional)
- Require >=50 clicks per affiliate and sub1 combo so we don't flag noise
- Min-tenure: exclude affiliates with `time_created` < today - 30 days from scoring. New partners need a baseline before pattern signals like "CVR collapsed vs partner avg" become meaningful. List them in a separate "new this month, manual review" section so they're not ignored, just not auto-scored.
- Confirm any high-score (>=5) flag using two windows: last 7 days AND last 14 days. A signal that only trips on 7 but not 14 is a one-off spike: drop the score by 2 and re-evaluate. Reduces false positives from a single bad day.
- If sub1 is empty across an entire affiliate, note "no sub-ID granularity available" and
skip drilldown for that affiliate (don't fail the whole run)
- Don't flag sub-IDs the user has marked "test" or "internal" in a known list
(ask the user once on first run; persist the list)
- For affiliates flagged 4+ weeks in a row, escalate the headline ("ongoing pattern, not a blip")
- These scores flag patterns worth a look, not a verdict. Open the flagged slice in Core Platform before pausing anything.MCP mode: the agent calls Everflow directly, no API key to paste. (MCP is a connector that lets your AI tool talk to Everflow on its own.) Same weekly digest as the API version, the agent just pulls the numbers itself.
# role
You are an Everflow ops assistant running a weekly traffic-quality forensics report.
Use the Everflow MCP tools to pull the data directly.
# inputs
window_days = 7
email_to = {EMAIL_TO}
slack_webhook = {SLACK_WEBHOOK_URL} # optional, leave blank to skip
# steps
1. everflow:get_account_info
Confirm network currency and timezone so the date window and payout figures are right.
2. everflow:run_performance_report
- dimensions: ["affiliate", "sub1", "sub2", "sub3", "sub4", "sub5", "sub6", "sub7", "sub8", "sub9", "sub10"]
- window: last {window_days} days
This returns clicks, conversions, conversion rate, and payout grouped by
affiliate and all ten sub-ID columns.
3. For each affiliate and sub1 combination with at least 50 clicks in the window,
score it on these signals (each adds points). These are patterns to look at, not a
verdict about the source:
+3 very fast conversions: median time to convert under 5 seconds
+2 fast conversions: median time to convert under 30 seconds
+3 duplicate conversions: duplicate rate over 5%
+2 conversion-rate drop: rate more than 50% below the affiliate's overall rate
+2 conversion-rate spike: rate more than 3x the affiliate's overall rate
+2 geo mismatch: over 20% of conversions from a country the offer
does not target
+1 ip concentration: top 5 IPs account for over 40% of clicks
+1 high volume, low payout: clicks in the top 10% but payout in the bottom 25%
4. For high-scoring rows (score 5 or more), pull a small sample with
everflow:run_performance_report scoped to that affiliate and sub1 value, and capture
a few conversion IDs, timestamps, time to convert, and country.
5. Group results by affiliate. For each affiliate with one or more flagged sub-IDs, show
its name and ID, total clicks, conversions and payout for the window, the flagged
sub-IDs (value, score, signals, sample IDs), and how many other sub-IDs look clean so
the reader knows what is safe to keep live.
6. Format a digest:
Subject: "Sub-ID traffic-quality digest, week ending {date}: {N} affiliates flagged"
- Top line: N affiliates and M sub-ID slices flagged, total payout on those slices.
- One block per affiliate, ranked by flagged payout descending.
Send to email_to. If slack_webhook is set, post a condensed version too.
7. Return a short summary so I can verify before anything sends.
# guardrails
- Read-only. Never write anything back to Everflow.
- Require at least 50 clicks per affiliate and sub1 combo so we do not flag noise.
- Exclude affiliates created in the last 30 days from scoring (they have no baseline
yet). List them in a separate "new this month, review by hand" section.
- Confirm any high score against both the last 7 days and the last 14 days. A signal
that trips on 7 but not 14 is a one-off spike: drop the score by 2 and re-check.
- If sub1 is empty across an affiliate, note "no sub-ID detail available" and skip the
drilldown for that one rather than failing the whole run.
- Skip sub-IDs the user has marked as test or internal in a known list.
- These scores flag patterns worth a look, not a verdict. Open the flagged slice in
Core Platform before pausing anything.
Connect the Everflow MCP, or grab an API key
If you have the Everflow MCP connected, you can skip the key entirely. MCP is a connector that lets your AI tool talk to Everflow on its own, so there is nothing to paste. No MCP yet? Generate a read-only key in Core Platform → Control Center → Security → API Keys → click the + API key button. Read-only on Reporting is enough.
Confirm your sub-ID columns are populating
In Core Platform reporting, run a quick conversions report grouped by sub1. If you see real values (not all blank), you're set. If sub1 is empty everywhere, your affiliates aren't passing it. That's a partner conversation, not a recipe problem.
Pick your delivery channel
Email (most common for weekly), Slack channel, or both. Grab a Slack incoming webhook URL if you want Slack delivery.
Paste the prompt in
With MCP connected, just run the prompt as written. On the API tab, first replace {API_KEY}, {NETWORK_ID}, {EMAIL_TO}, and optionally {SLACK_WEBHOOK_URL}, then run it.
Run it in Claude, ChatGPT, or Gemini
First run pulls last week, scores each affiliate and sub-ID combo, and sends the digest. Output lands in 1 to 2 minutes. The same prompt works in any of the three.
How to read this: these scores flag patterns worth a look, not a verdict. Fast conversion times and duplicate spikes have several possible causes, ordered most to least common: coupon or cashback attribution, then genuine invalid traffic, then a tracking misconfiguration. Open the flagged slice in Core Platform before pausing anything.
Then you'll get a "no sub-ID granularity available" line for them, and the recipe falls back to partner-level signals only. The fix is upstream: ask your affiliates to pass at minimum sub1 (traffic source) and sub3 (creative or coupon code). Most premium affiliates already do.
The prompt asks once on first run for a list of "known internal" sub-ID values to suppress. Once you mark sub1=test_internal_QA as known, it won't show up in future digests. Persist the list in your scheduler config.
Yes. The recipe scores all ten sub-ID columns. Aggregators that pass their sub-affiliate ID in sub2 or sub3 get sliced by that dimension automatically. You'll see "sub2=AGG_SUBAFF_8841" lines in the output, which is exactly the level you need to act on. Everflow supports up to 10 sub-ID parameters (sub1 through sub10); see the parameters and macros guide.
Everflow supports up to 10 sub-ID parameters (sub1 through sub10). For how affiliates use them, see the parameters and macros guide.
The recipe scores affiliate and sub-ID combos with at least 50 clicks in the window so noise doesn't overwhelm signal. Smaller affiliates with sub-50 clicks roll up to an aggregate "low-volume tail" group instead of being individually flagged.
High scores are confirmed against a 14-day window before flagging. A single bad week from a normally clean affiliate gets the "spike, not trend" label so you investigate rather than auto-block.
If sub1 through sub10 are empty across the board, the recipe falls back to affiliate-level scoring and surfaces a callout that sub-ID tracking isn't wired, so you know it's a setup gap, not a clean program.
Internal QA traffic and known-good sub-IDs can be added to an allowlist in the prompt so they don't trip the signals.
Traffic-quality issues at the sub-ID level show up differently by vertical: in lead-gen and finance it's typically bot-filled forms or synthetic identity (the most-mentioned bucket in customer calls). In nutra and ecom, it shows up as coupon-stacking or last-touch attribution gaming. Mobile and app-install patterns don't surface in Everflow customer voice. The recipe is built around the click and conversion grain Everflow tracks, so install-attribution patterns are out of scope.
Drop us the question you wish had a prompt. We'll write it, test it against real Everflow data, and ship it as the next recipe — usually within two weeks.
One Tuesday email. Latest industry news plus new recipes the day they ship. Unsubscribe in one click.
Share what's working with the Everflow API. Our team will reach out about details, timelines, and next steps.