Skip to main content

Overview

The corsa-rule-authoring skill teaches your AI coding assistant how to create, manage, and test transaction monitoring rules using the Corsa API and SDK. It covers the full rule lifecycle, condition syntax, aggregation thresholds, and evaluation.

What It Helps With

  • Creating custom rules from scratch or from pre-built templates
  • Configuring conditions with property checks, boolean logic, and aggregation thresholds
  • Setting up actions (alert creation, transaction halting)
  • Managing rule lifecycle (draft, activate, disable, delete, versioning)
  • Testing rules with on-demand evaluation
  • Understanding how rules generate alerts in production

Quick Start

After installing the skill, ask your AI assistant questions like:
  • “Create a rule that alerts on withdrawals over $50K in 24 hours”
  • “Copy a rule template and customize the thresholds”
  • “What aggregation operators are available for conditions?”
  • “Test my rule against a sample transaction”
  • “How do I update an active rule without downtime?”

What the Skill Knows

Rule Lifecycle

Create → Draft → Activate → Active → Disable → Disabled → Delete (soft)
  • Only active rules evaluate incoming transactions automatically
  • Updating an active rule creates a new version atomically
  • Active rules must be disabled before deletion
  • activate, disable, and delete accept optional reason for audit trail

Conditions

  • Entity targets: transaction, client, wallet, bankAccount
  • Boolean logic: all (AND) and any (OR) groups with arbitrary nesting
  • Operators: equal, notEqual, greaterThan, lessThan, greaterThanInclusive, lessThanInclusive, contains, doesNotContain, in, notIn, between
  • Entity relationships: all, sender, receiver for client-scoped conditions

Aggregation Thresholds

Rolling time-window conditions for velocity checks and structuring detection:
  • Operators: sum, count, avg, min, max, median, stddev, percentile, countDistinct, first, last
  • Time windows: in_the_last, all_time, after, before, between
  • Periods: minutes, hours, days, weeks, months, years
  • Filters: Narrow which transactions are aggregated (e.g., only withdrawals)

Actions

ActionEffect
CREATE_ALERTCreates a compliance alert with configurable category, priority, and status
HALT_TRANSACTIONMarks the transaction for halting (FREEZE decision)
When multiple rules match one transaction, alerts are consolidated — one alert with the highest priority across all matching rule configs.

Templates

Pre-built rule templates for common compliance scenarios. Copy a template to your workspace, customize the conditions, and activate: 
const { ruleId } = await client.ruleTemplates.copyRuleTemplate("template-id");
const updated = await client.rules.updateRule(ruleId, { /* customizations */ });
await client.rules.activateRule(ruleId);

Evaluation

  • Automatic: Active rules evaluate every ingested transaction and trigger actions (alert creation)
  • On-demand: POST /v1/evaluation/evaluate tests rules without creating alerts
  • History: Query evaluation results by transaction or by rule

Key Distinction: Evaluate API vs Production Alerts

The on-demand evaluate endpoint (client.evaluation.evaluate()) returns match results and decisions but does not create alerts. Alerts are only created when transactions flow through the normal ingestion pipeline and match active rules. Use the evaluate API for testing and validation.

Common Mistakes It Prevents

MistakeWhat the skill does
Expecting evaluate API to create alertsClarifies that alerts only come from the ingestion pipeline
Trying to delete an active ruleGuides to disable first, then delete
Forgetting to activate after creatingReminds that rules start as drafts
No labels on conditionsAlways includes labels for readable evaluation results
Overly broad aggregationsUses aggregationFilters to narrow scope

Source

GitHub Repository

View the full skill source with detailed condition examples and SDK method reference.