Automated Detection, Behavior, and Scoring
Automated detection combines pattern matches and behavioral transients into severity flags, sums their configured scores, and applies the selected action when the score reaches the threshold.
Automated detection looks for jailbreak phrases, abuse or code-like patterns, configured content patterns, rapid messages, and repeated messages. Each match records a category and severity; the configured severity weight contributes to the total score. Reaching the threshold selects the automated action, but lower-scoring detections can still be flagged and stored for review.
First, keep automated detection enabled and review threshold 10/action flag. The useful result comes later when you run benign, boundary, and known-test phrases; review the exact flags/scores in flagged conversations, because configuration values matter only when their effect can be seen in retrieval, a generated reply, visitor access, or the connected service.
What this feature does and when to use it
Section titled “What this feature does and when to use it”Use it to flag or block high-confidence patterns while measuring ordinary-language false positives.
Use this feature in the following situations:
- You need default jailbreak and abuse detection before exposing the widget publicly.
- A flagged conversation needs to be explained in terms of category, severity, score, and threshold.
- You need to tune rapid/repetition behavior or a pattern that causes false positives.
Where to find it
Section titled “Where to find it”Before you begin
Section titled “Before you begin”- SmartSite Assistant is installed and activated.
- You are signed in with an account that can manage WordPress options.
Set it up step by step
Section titled “Set it up step by step”- Keep automated detection enabled and review threshold 10/action Flag.
- Review default jailbreak patterns and Critical severity.
- Review abuse/code-injection patterns and High severity.
- Review content flag patterns and Medium severity.
- Keep behavioral detection enabled and inspect rapid/repetition settings.
- Save before testing.
- Run benign, boundary, and known-test phrases; review the exact flags/scores in Flagged Conversations.
Fields, controls, and important values
Section titled “Fields, controls, and important values”Automated detection combines configured content and behavior signals into a severity score. It does not make a permitted answer more accurate; it decides whether a message continues, is recorded for review, or is blocked. Careful patterns and thresholds reduce risky traffic, while broad patterns can prevent the AI from answering normal technical or sensitive-topic questions.
| Field, control, or status | What SmartSite Assistant does with it | How to use it and why it matters |
|---|---|---|
| Enable Automated Detection | Turns pattern/behavior analysis and threshold evaluation on or off. It is enabled by default. | Keep this on when the configured pattern, behavior, severity, and threshold checks should run for messages. Turning it off bypasses this automated evaluation while retaining the saved patterns and scoring configuration. |
| Automated threshold | Total severity score at which the selected automated action is evaluated. Default 10; UI range 1–100. | Set the total severity score that must be reached before the selected automated action is evaluated. Lowering it makes combinations of weaker signals act sooner; test ordinary questions to avoid flagging legitimate language. |
| Automated action | Flag and Warn both allow the request and record a flag; Block denies it when the score reaches the threshold. Default Flag. | Choose the outcome applied at or above the threshold. Flag and Warn both allow the request and record flags; choose Block only when a matching request should be denied. |
| Automated block message | Visitor-facing message returned only when the automated action is Block and the threshold is reached. | Write the visitor notice used only when the action is Block and the score reaches the threshold. Explain that the request cannot be processed without revealing patterns, scores, or instructions that help bypass detection. |
| Jailbreak detection | Matches the configured jailbreak phrase/pattern list. Enabled by default with Critical severity. | Keep this on to compare messages with the administrator-maintained jailbreak pattern list and add the configured Critical signal when matched. Test the actual phrases because this is pattern matching, not a general guarantee against prompt manipulation. |
| Jailbreak patterns | One phrase or supported /regex/ pattern per line for prompt-manipulation attempts. | Enter one literal phrase or supported slash-delimited regular expression per line. Use narrow patterns, test expected matches and harmless near-matches, and avoid broad expressions that can classify normal visitor questions as jailbreak attempts. |
| Abuse / code-injection detection | Checks default abuse/code-like patterns and a high special-character ratio. Enabled by default with High severity. | Keep this on to apply the built-in abuse, code-like, and high-special-character checks with High severity. Review flagged examples because legitimate technical websites may receive normal questions containing code or symbols. |
| Content flag patterns | Checks the administrator-maintained content pattern list. Enabled by default with Medium severity. | Use this administrator-maintained list for site-specific content signals that should add Medium severity. Add precise terms or patterns and verify them with sanitized tests; this list is separate from blocked words and does not alone block a request. |
| Behavioral detection | Tracks rapid and repeated messages by visitor token. Enabled by default with Medium severity. | Keep this on to evaluate rapid and repeated activity associated with the visitor token. It adds a Medium signal when configured behavior triggers; it does not establish the visitor’s identity or replace token/IP rate limiting. |
| Rapid-message count | Number of messages that triggers the rapid behavior signal. Default 5; allowed 2–50. | Set how many messages inside the rapid-message window produce the behavioral signal. A lower count detects bursts sooner but can catch legitimate visitors who send several short corrections or follow-up questions. |
| Rapid-message window | Seconds used for the rapid-message behavior check. Default 10; allowed 3–120. | Set the number of seconds in which the rapid-message count is evaluated. A longer window makes the same count easier to reach, so test the pace of a normal multi-question conversation before tightening it. |
| Repeated-message count | Number of matching/repeated messages that triggers the repetition signal. Default 3; allowed 2–20. | Set how many matching or repeated messages produce the repetition signal. Keep it high enough to permit an accidental resend, then test exact repeated input with awareness that the comparison uses the fixed history period. |
| Repetition history | The implementation compares repetition within a hardcoded five-minute history. | Treat five minutes as a fixed implementation behavior rather than an editable field. When reproducing repetition results, keep tests inside that period or wait until it expires before expecting a fresh history. |
| Severity weights | Default numeric scores are Low 1, Medium 3, High 5, and Critical 10; these values are summed for the message. | Use these four scores to understand how several signals add toward the automated threshold. Raising a severity weight makes every matching signal in that class more influential, so calculate representative combinations before saving changes. |
How to confirm it is working
Section titled “How to confirm it is working”After saving Automated Detection, Behavior, and Scoring, repeat the final test with clean context. That distinction matters because WordPress can store a valid value even when remote processing, access rules, caching, or delivery prevents it from influencing the real experience.
Practical example
Section titled “Practical example”A Critical jailbreak match scores 10 by default and reaches the default threshold even without other signals.
Recommended practice
Section titled “Recommended practice”- Change one part of Automated Detection, Behavior, and Scoring at a time and keep a short record of the previous value and test result.
- Include ordinary near-matches in every test so protection is not tuned only against deliberately obvious abuse.
Important warnings
Section titled “Important warnings”Common problems and focused checks
Section titled “Common problems and focused checks”| Problem | What to check and what to do next |
|---|---|
| A low-score message is still flagged. | The threshold controls the automated action, not whether detected flags are logged. |
| Warn does not display a distinct warning. | This is current implementation behavior; choose Block for denial or Flag for review. |
| Automated Detection, Behavior, and Scoring is missing or does not match this guide. | Confirm the plugin is active and the account can manage WordPress options. Reproduce the exact message safely and identify the matching limit, pattern, score, address, or whitelist entry. |
| A change on Automated Detection, Behavior, and Scoring does not produce the expected result. | Keep the exact notice and test case, then review the browser console and WordPress/PHP log. Reproduce the exact message safely and identify the matching limit, pattern, score, address, or whitelist entry. |
Screen reference
Section titled “Screen reference”- Capture
- Show automated detection controls with all categories, severity choices, threshold 10, and behavior defaults visible.
- Show
- Jailbreak/abuse/content/behavior toggles, patterns, severities, rapid/repeat values, threshold, action
- Viewport
- Desktop, 1440 × 900
- Annotate
- Use numbered callouts only for controls referenced in the procedure.
- Redact
- OpenAI keys, tokens, secrets, personal information, private URLs, IP addresses, and conversation text