In Depth Tutorial on Writing a Slackbot

(This is a repost of an article I wrote on Monsoon’s blog prior to Capital One acquiring us.)

At Monsoon (my employer), we are avid users of Slack. It’s a great collaboration tool in addition to adding a new social dimension to the office. We just crossed 500k messages sent over the platform and we’ve only been on it for a few months!

We recently held a 4-hour slackathon at Monsoon where people were tasked with writing the most useful Slack bot they could think up. The winner was a secret polling script that we use to vote on controversial topics such as what to name our teams or who the coolest person in the office is. We chose to do our event using Hubot, a popular open source bot framework written by Github. Half of the participants were mobile developers, so JavaScript, the hubot scripting language, was foreign to them. We spent a few minutes prior to the event training everybody on how to write scripts to ensure an even playing field.

I’d like to share our Slack tutorial with the rest of the community.

Setting it up takes 5 minutes

To get started with the tutorial, you’ll need to setup your machine by installing Hubot. The most important step is the first two: clone the repo and then run:

$ npm install

Once you’ve done that, you’re ready to write scripts! In the scripts folder you’ll find a file called slackbot-examples.coffee. This example script is a more feature-rich set of examples than the default that comes with Hubot. We’ll go over these examples in greater detail below.

The first thing to notice is that this is a “coffee” file. CoffeeScript is a language that compiles into JavaScript. It is popular with some communities due to its terseness compared to JavaScript. If you don’t like it, you’re welcome to write scripts in JavaScript by naming your file .js instead of .coffee.

Talking to the Bot – robot.respond

In the next step, we start working with a bot.  All bot behaviors start with a listener. The first one we’ll review listens for messages directed at the bot.

When you mention the bot directly in a room via @botname, followed by the command, the bot will execute the above block of code. In this case, it will look for the text “@botname sleep it off.” This behavior will also trigger if you privately message the bot with the text “sleep it off.”

Either of these will trigger the bot to run the command msg.send ‘zzz…’

Making the Bot Say Stuff – msg.send

Now that the bot is listening for messages directed at it, let’s see if we can get it to talk back.  The msg.send command tells the bot to send out a message to the current chat room (that told it to “sleep it off”). In this case, the bot will say, “zzz…” publicly. msg.send always replies in the same channel it detects the original message.

It Sees Everything – robot.hear

We’ve already programmed a bot to respond to messages directed at it, but you can program a bot to listen to conversation anywhere in the office, and respond to a specific word or phrase.  The second type of listener is robot.hear, a blanket listener that reacts to a phrase regardless of who it is directed at.

In this example, we are using the regular expression looking for the word (and not just a phrase containing) “up.” If anybody says “up,” this block will trigger. It will also trigger if you direct “up” at the bot; both of these would trigger the behavior:

Michi: up
Michi: @botname up

It Can Remember – robot.brain

Bots can also store information for retrieval later.  In the “up” example above, the robot initializes and/or increments a value which we save as everything_uppity_count. It does nothing more. In this case, a user can say, “up” all they want and nothing will seemingly happen while the counter increases. This is done through the “brain,” which is a simple key-value store.

Note that the “brain” uses Redis to store its contents. This way, if the bot restarts, the data is preserved. If Redis is not running, the bot will still function, but all data is lost next time the bot restarts.

In the second example of robot.hear, the bot retrieves the current value of everything_uppity_count and displays it via msg.send. As a reminder, this means the robot would just reply in the chat room that it heard the “are we up?” statement.

Calling People Out – msg.reply

Bots can add tailored prefixes to their responses. You can use the command msg.reply for this. msg.reply probably does *not* do what you think it does. Rather, it acts similarly to msg.send except that it prefixes whoever authored the original message it is replying to.

In the above example, the script will simply reply to the original sender as illustrated in the following theoretical exchange:

Michi: What’s up!
Bot: @Michi What’s up!

Note that the reply is in the channel where you sent the original message. If this was a private chat room between you and the bot, the reply would have appeared there.

Replying to Private Messages – Advanced msg.send

Handling private messages is a little more tricky. This is because Hubot doesn’t treat private messages differently from any other types of message. Instead, you have to examine the room that the message is sent in.

In order to reply to a private message, you need to check if the room shares the name with the bot. If the channel names are the same, it is implied that the channel is a private channel. We’ve provided the helper methods to accomplish this:

Starting New Private Conversations – robot.messageRoom

Sending unsolicited private messages is more straightforward. Just remember that private messages are just another room named after a user. To accomplish this, simply tell the bot to message a room:

Notice that an error can be thrown if the channel is invalid. In that case, it’s a good idea to catch the error so that the bot does not crash.

More Examples!

The example script file also includes an example of how to run a web service in the bot to listen for external data sources (such as a github webhook) and how to trigger/watch custom events. Take a look – and when you’ve finished, hopefully you’ll have as much fun designing bots and expanding your office interactions and conversations as we have had here at Monsoon!

The Most Interesting Fact About the Apple Watch

Regarding the pricing… did you notice it too?

The low end price is $349, but the high end price starts at…? Not $9,000. Not $9,995. Not $9,999.

$10,000.

They rounded up the price! Even luxury brands like BMW round their prices down.

What is the last mass-market product you can recall that was priced like that? This is a very interesting marketing move since people will now “round up” the value of an Apple Watch.

Avoiding the Mentality of Hiring “Rock Stars”

There’s this sub-culture in startup-land where everything revolves around hiring and retaining “rock star” engineers. And I think it’s mortifying. Not the idea itself, but the implications.

I have heard it over and over from people I respect. But there’s a subtle insinuation that the blame of poor execution rests on whether or not somebody is a “rock star.”

Let’s flip the focus around: what is the difference between a good and bad manager? It’s simple:

  1. Good managers make everybody better. Bad managers don’t help anybody, but hopefully don’t make anybody perform worse.
  2. Blaming somebody for not being a “rock star” is an easy way to shift the blame from yourself.
  3. If managing “rock stars” and firing “non-rock stars” is what management boiled down to, managers wouldn’t be needed.

Hiring a Kobe Bryant for your basketball team is a good idea. But it’s preposterous to blame a losing record on the lack of a 5-man Kobe team.

History is full of leaders pulling off great feats with an unknown team of rookies. Be that leader. Elevate the team. The role of a manager is to help people produce their best work — “rock stars” or not. And, if anything, great leaders forge the rock stars everybody ends up talking about.

PSA: Stop Releasing Hobby Bitcoin (or similar) Projects for Your Own Good

You’re in serious legal jeopardy if you release a virtual currency project into the wild, and not because the currencies themselves are legally murky. Rather, because you are liable for any wrong-doings that might arise from the use of your product or service.

Corporations exist to shield their owners from legal liability. If you pay money to a company and then that company goes bankrupt before giving you your money’s worth, the owners and employees (unless they’re doing criminal activity on purpose) are not personally liable for your loss. On the same principle, if a software developer at Visa makes a mistake and Visa gets hacked, the software developer isn’t personally sued by the shareholders (s/he may be fired, though). The banks, merchants, or consumers impacted might sue Visa, but none of the employees are having their homes repossessed.

Now look at your project. Are you a high school student with a coin-bot that nearly got hacked? Maybe a student developer who made a hobby wallet that was emptied? Or maybe another hobby project stored on a $5/mo shared hosting service? Count your blessings you weren’t sued or prosecuted. If you release something *personally* and your negligence (or bad luck) makes you lose your user’s money, NOTHING is shielding you from them or the law. You are 100% fully legally liable for what happened. It doesn’t matter that it was a bug or that it was “just a hobby.” If somebody put $10k in your online wallet project and you lost it, you’re on the hook.

So far, it looks like cases like these are largely being blamed on the community of users trusting the services. That will eventually change. All it takes is one angry user who lost grandma’s retirement funds to turn a person’s life upside down.

I think it’s great that there is payment innovation happening right now. And I really support developers doing cool side projects. But before publishing projects that move *real money* around on *your personal servers*, think about whether or not it makes sense that you first setup basic legal protections for yourself.

Adding BasicAuth to the Kue Dashboard in an Express App

Do you use Kue and want to put it in its own folder that is password protected using BasicAuth or some other type of mechanism?

I know I’m not alone on this problem, yet nobody seems to have posted the concise answer. Here’s the solution.

Explanation

Modules are their own little world

In Express (Node), there’s a couple of important points to know:

  1. Route declaration order matters
  2. Auth strategies are attached globally or to individual routes
  3. Modules tend to come with their own routes (Kue certainly does)

If we want to attach an auth strategy to Kue, you’d naturally want to attach an auth strategy to its entire scope. First, I tried locking down the entire module:

module.exports = function (app, config, passport) {
  var kue = require("kue");
  var auth = express.basicAuth(function(user, pass, callback) {
    var result = (user === 'username' && pass === 'password');
    callback(null /* error */, result);
  });
  // any kue related settings can go here
  kue.app.set('title', 'Jobs');
  // create a wrapper to add auth on since without it we can't globally wrap kue's paths
  kue.app.use(auth)
  // bind the subApp to the desired path
  app.use('/secret_location/kue', kue.app)
};

Global auth can’t hook onto Kue

This fails to prompt for authentication. Why? Honestly, somebody better at Express can explain. I believe it has something to do with the way Kue is written since app settings are first-come first-serve.

Sub app it

In the gist above, you can see I create a sub app by passing in Express and creating an instance inside the file. I then apply the global auth settings (“subApp.use(auth)”) to this app before wrapping it. See the relevant code here:

  var subApp = express()
  // add authentication to the entire sub app
  subApp.use(auth)
  // re-add kue.app (but dont put it in its own folder)
  subApp.use('', kue.app)
  // bind the subApp to the desired path
  app.use('/secret_location/kue', subApp)

Notice that I add the kue.app using a blank string as a first argument. That tells Express to put this sub-app in the same folder path as the app. Then, I bind that app to “/secret_location/kue.”

This works.

How Amazing Features Can be a Waste of Time

Differentiation is another way of saying: define your own market. By doing this well, you can avoid the problem of unseating incumbents because they don’t exist or are significantly weaker.

Why Most Features Aren’t About Differentiating

You’ve got 5 seconds. Tell me how you’re better than the incumbent I am currently using. If your pitch to me — as a customer, partner, or investor — is that your site has the most features: you’re screwed. Here’s why, from the perspective of each:

  • Customers & partners: Yes, but, who are you again? I don’t put my eggs in nests that might disappear tomorrow, even if the nest has a built-in heater.
  • Investor: So your company is a feature away from being destroyed?

In the Internet Era, features are cheap. Big or small, a company can bang out a feature in a week or two and start testing it. You disagree because said company would “never” build that feature? Never say never. Innovative companies always surprise people. Hoping your competition doesn’t want free money on the table is tantamount to gambling, and there is a much safer, more logical way of approaching this problem.

So many “feature” companies (i.e., they’d just be a feature in a bigger company’s product) are born everyday. The criticism isn’t that these companies are doing something “easy.” The problem is that many startups use a specific superior product experience or feature as a key differentiator, without considering whether or not it helps them corner a new or different market. Being “better” isn’t enough.

Same Thing, Different Optics

Certain feature sets, if marketed right, completely change your target market. This is key. Let me say it again:

Certain features put you in a different market.

Most all companies are chasing a specific market. 18-24 females. College students. People who like coffee. Couples. Widows. Canadians with houses.

Not all features are created equal. Most features just add further convenience or refinement (i.e., “single signon,” “AJAX uploading,” “mobile support.”). Focus on competing in a way that assures your competitor’s destruction if they were to follow your lead.

Why Incumbents Ignore Certain Features

Like I said, some features change who a company’s customers are. In worst case scenarios, some features alienate your existing customers entirely (i.e., killing your existing revenue stream).

For example, your feature might be a free, ad-supported version of an existing model. A very famous site called OKCupid did exactly this a few years ago. Even today, this is what they’re known for. Why didn’t the other players in the market copy them? Because going free would mean changing their customers from their users (who pay a monthly fee) to advertisers (who pay for data and exposure). Yes, much like Facebook, OKCupid’s product is its users, and its customers are its advertisers (mmmm sweet, sweet data).

While the main differentiating feature, being free, is an easy feature to build, even to this day, incumbent sites like eHarmony and Match remain paid services. They are ultimately after different markets. You and I can intuitively see that there is likely a well-defined difference between the two markets of people willing and not willing to pay for dating (income, what they are looking for, age, etc.). It’s clear now that there was always two markets in the dating space, and OKCupid successfully cornered it using a simple marketing message.

The key for you and I is to understand and learn from this lesson: figure out what differentiators you introduce that give you unique access to a new or different market from incumbents.

Don’t Get Distracted

In any given startup, there is probably a backlog of 100 features to choose from. And most of them are from customers. Think about it.

Customers ask for features.

These customers are asking you to pick their market. With each feature you work on, your are moving toward a given audience. If this is a market you don’t want, ignore the feature. A feature that doesn’t help you define, carve out, and keep a specific target market is a waste of time.

In some markets, usability is everything (mobile). In others, aesthetics (marketing). Yet again in others, speed (search engines). Maybe in another, depth of technical end points (APIs). And within these markets, there are niches with even finer requirements.

Identify your core desired audience and build features only they yearn for. Everything else is a distraction.

Feature != (does not equal) Technical

A feature isn’t necessarily a boat load of programming. A “feature” is a marketable unit of software development. The complexity of that development is irrelevant. It can be as simple as a change in design, pricing, copy, or even name. Here are some examples:

  • Pick an XXX domain for your Pinterest clone: bam! PinPorn (NSFW). No difference in technical features from the original, but the site successfully corners its own market via community (the feature).
  • Want to be a Groupon for gay people? Fab. (Another year later, they’ve exited their niche and become a mainstream fashion site.) You know how they did that? They built a sizable mailing list of the gay community from their original ideas to be a gay Facebook and/or Yelp. Fab’s differentiator? Good taste, according to them.
  • Instagram’s killer feature was tight social integration (arguably pretty technical); yet Hipstamatic came first. Instagram brought easy sharing to a paid digital photo filter market that Hipstamatic defined.
  • And, of course, there’s Facebook: a MySpace for college students. The killer “feature” was that you had to have a “.edu” email address. Facebook probably would have perished in its early days without those 5 lines of code (maybe less).

The Real Meaning of Market Differentiation

Recall my example about the free dating market. Rewind 10 years. Online dating was something you paid for. That was it. Maybe this is easy to recognize now, but this market dichotomy (free vs. paid) was not apparent until only recently.

When smart people ask you about your market differentiation, this is what they mean. They are asking you if you’ve found a market angle that existing players will gladly give up because they either don’t value it or can’t compete in it due to conflicting interests.

So next time you’re looking at a list of features to work on, ask yourself: “is this feature putting us in the market that we want to be in?”

Facebook is okay with hurting their developers

Update: Only two weeks later, all of the user decline figures are far worse than I had originally stated (e.g., Band Page is down to 4M users from 31M!)

Facebook just seriously injured their own app developer ecosystem, and they’re poised to finish it off. And they did it on purpose.

Recently, Facebook announced that they would remove the default landing tab for Facebook Pages. They did this while simultaneously introducing Timeline for Pages. Most people probably aren’t going to miss those “like gate” pages where users were asked to like the brand’s page. The move makes sense for Facebook as it forces brands to spend money on the new Facebook ad units that have embedded likes (see below). Brands are understandably upset: getting likes means spending money.

The effects were immediate to one audience. The real doom-and-gloom story is around app developers. Facebook made this announcement at the start of this month. Since then, some of Facebook’s biggest apps have taken a nose dive on traffic. How big? A good example of this is Band Page, which gave artists cool, interactive fan pages with embedded music/videos, rather than the boring old wall. Facebook announced these changes roughly at the start of March. As you can see below, Band Page lost roughly 1/4 of their users (6 MILLION!) in a period of 15 days (yes, the chart is a little weird to read).

And this will only continue as more pages transition to the new format (10 more days until it’s mandatory).

The “default landing tab” was how many, many apps got their traffic on Facebook. The default tab was the first thing new users saw when they visited a brand’s page. This was a way for the page to “message” themselves to new potential customers, and it was very popular for brands to spend money on these apps.

Unfortunately, that party is over.

Check out this comparison on how else the new change hurt an app like Band Page. Here’s a “before” of Taylor Swift’s page, which has yet to convert to the new format:

Notice how it lets you play the music straight from the page and links to their iTunes store (links like this are not allowed on Timelines, btw)? Notice how it “lives” in Taylor Swift’s page as part of a seamless experience? See how you can see a quick list of all the apps the page has?

Let’s compare…

Snoop Dogg recently updated his page to use Timeline.

Wait. Where’s the link to Band Page? Oh, I found it under that little “2” to the right of his “Snoopermarket” (that’s cute) section…

Check out the installed Band Page app look and feel:

What? Where am I? Where’s his page? That white space you see is exactly as it appears. The app is sitting alone off in its own area.

It might as well live on Snoop’s own website, and I imagine this is exactly the direction many brands will take as this becomes the norm for Facebook apps.

How much does all this hurt these apps? Check out the biggest losers in the weekly app ranking charts:

It is the same story with every major app: stagnated growth in early March followed by a continuous and very steep decline as the month continued. All that jazz about the Ticker and Open Graph hasn’t been enough to stop this decline. I fear what will happen April 1.

Page apps are getting destroyed! This explains the recent shift for Wildfire (reference) and Buddymedia (reference) to becoming Facebook Ad aggregators. These two companies built an empire by being the go-to solution for Page apps and now they’re running away. At least Facebook notified these guys.

Facebook is out to kill page apps, albiet slowly and only after suffocating the ecosystem so the loudest and most deep-pocketed players move to greener pastures (see above two examples). Developers beware. Profile apps suffered a similar slow strangulation followed by a sudden death. When profile apps were killed, we got just over 60 days notice (announced as a footnote Aug 19, 2010 and officially removed Nov 3, 2010).

IPO-Facebook needs to make money, and if there’s companies eating their lunch, don’t expect them to sit back anymore.

After all, Timeline is all about hurting Twitter. Let’s see, it:

  • Decreases the ability of “doing stuff” via apps (e.g., self-maintaining content)
  • Makes it more embarrassing for a brand to not actively post updates since their page starts off as a wasteland. Thus, it…
  • Increases the importance of providing frequent updates and engaging your fans
  • Makes it easier to see who’s interacting with a page

Page apps became a casualty because they discouraged page owners from using Facebook like Twitter. Previously, brands could hide crappy walls by having cool apps and a nice splash page with a “Coupon for a like” message. Those days are gone. And Facebook did it on purpose. It’s probably for the best, but as a developer, it still hurts to think about all the blood, sweat, and tears that went into building those amazing Page Apps.

Three Analogies for Pitching Your Startup Right

Below are three analogies on how to prepare and pitch your startup better.

TLDR: Don’t focus on being right. Don’t rush the sale. Find believers.

I recently got my startup funded. It was an extremely, extremely challenging exercise. Today’s post is short; I’ll save the funding journey for another time. Today, I wanted to talk about pitching. I’m going to focus on three big, often overlooked issues.

1. Friend-speak: “That’s an awesome idea!” => “Good luck, bro.”

Friends tell you what’s wrong with your idea, but they often say it nicely. Listen to your friends carefully, and recognize that “That’s a cool idea, but what about blah-blah?” is a veiled criticism of your idea. Listen and understand their concerns. A good pitch patches up these holes before they’re even asked.  Often, when an idea is criticized, it’s natural to want to be defensive. It’s important to take criticism as something to solve for, not something to “be right” about. Ok here’s the analogy:

You’re a pirate. You’re practice fighting with your buddy pirates when they accidentally shoot a hole through your hull. But you’re smart so you win the argument with them that there is in fact NOT a hole there (Uhhhh). You decide to go out and challenge some Brits to a battle to the death without first addressing the damage your buddies left on your idea — er, I mean — ship. Oops!

2. You need more time to sell

I haven’t pitched that many people specifically to get money (a lot of pitches were over partnerships), but when I felt rushed there wasn’t a second meeting. When you are trying to convince somebody to give you — a nobody — enough money to buy a few cars (or a house), they need time to digest things. Here’s the analogy:

Your startup is like a restaurant. First you lure in a customer to try out your food. Once inside, you serve your customer what they are going to eat. It’s a game changing meal, so they’re naturally skeptical. They start to nibble on it. Maybe it’s good. Maybe it’s not. But you’re in a hurry so you jam the food down their throat, ask for money, and remind them to leave a good review on Yelp. They throw up and get major indigestion.

Like with any good meal, make sure you have a full hour to pitch. Your pitch should be 30 minutes max. Leave 30 minutes for questions (which will be sprinkled throughout your presentation).

3. The Crazy Idea Train needs passengers

You’re the conductor of the Crazy Idea Train. You built it, actually. It’s a little rocky, but it’s speeding along! But there’s no passengers. Your friends say they’ll get on the train later. Strangers say you need to pay them money for them to get on board (it looks really ghetto and unstable, after all). And nobody really knows where it’s headed. Maybe it’s going to Billion Dollar Land; maybe its going to Unemployment Mountain. You think it’s the former. But it looks like most people believe it’s the latter.

I’ve thought about this a lot, and I’ve decided that this is actually super duper important not just from an investor’s point of view, but from a founder’s point of view. If you can’t convince one person to join your Crazy Idea Train, then is it really a good idea? Finding a co-founder is social validation that your Crazy Idea has legs. Without this, investors are left to imagine the worst.

I’ve also heard cases of people unsuccessfully looking for co-founders. Again, this to me is a sign of a crappy idea or worse. There’s a lot of reasons why somebody would be unable to find a co-founder, and most of them are bad signs. Are you arrogant and un-friendly? Do you seem untrustworthy? Do others have no confidence in your ability? Are you a terrible leader? Are you all talk? Are you no fun to be around? Do you kill kittens for entertainment? Maybe. Maybe not.

Your number one job as a founder is to sell the company to future investors, acquirers, and employees. If you suck at this, that’s a death sentence. Start with selling to a co-founder.

Summing it up

Don’t focus on being right. Don’t rush the sale. Find believers.

Bonus pro-tip: make sure your lawyer doesn’t put your cell phone number in the SEC filings. Yeah, that happened.