Why
Hoxhunt, Brightside, Proofpoint, Phished all use AI for role-aware personalisation. Static htmlBody/textBody cannot match.
Scope
- New table
template_variables linking email_templates to allowed substitutions ({{firstName}}, {{department}}, {{managerFirstName}}, {{recentInternalSender}} etc).
- Server action
generateTemplate({ scenario, role, region, language, difficulty }) calling an LLM with strict schema-validated JSON output.
- Preview render against a real employee row before save.
- Provenance: store model id, prompt hash, generated_at on the template row.
Acceptance
- Admin can generate, preview, edit, then save a template.
- Generated templates never leak real employee PII to the model (synthetic samples only).
Why
Hoxhunt, Brightside, Proofpoint, Phished all use AI for role-aware personalisation. Static
htmlBody/textBodycannot match.Scope
template_variableslinking email_templates to allowed substitutions ({{firstName}},{{department}},{{managerFirstName}},{{recentInternalSender}}etc).generateTemplate({ scenario, role, region, language, difficulty })calling an LLM with strict schema-validated JSON output.Acceptance