Flocci Chat: The Support Bot That Learns From the People It Serves
An embeddable AI support widget that fills its own knowledge base from real visitor browsing, cites its sources, and escalates only when a human should.
On this page
It is 2:04 in the morning and someone is on your pricing page with a question. Not an idle one — a real, specific, will-I-buy-this question, and the kind that never survives until business hours. There is a chat bubble in the corner, so they click it. The bot greets them warmly and then confidently tells them something that stopped being true three product updates ago, because the knowledge base behind it was last touched by a human who has since changed teams. The visitor closes the tab. You will never know they were there.
The knowledge base is the whole problem
Every support chatbot is a front-end wrapped around a knowledge base, and the front-end has never been the hard part. Slap a language model on top and the demo dazzles. The hard part — the part that quietly rots every deployment — is the knowledge behind the model, because that knowledge goes stale the instant your site changes and nobody is paid full-time to keep re-feeding a bot.
So teams do the expensive thing. Someone exports the docs, someone pastes FAQs into a training panel, someone wires up an escalation email, and for about a month the bot is accurate. Then you ship a feature, rename a plan, move a settings toggle — and the bot keeps answering with yesterday’s map, in a tone that has all the confidence and none of the truth. The bot isn’t lying. It’s answering from a gap.
There is a second, sharper failure hiding inside the first. The modern web is rendered in the browser. React, Vue, Svelte, the whole no-code galaxy — the page a visitor actually reads is assembled by JavaScript after the HTML arrives. Traditional crawlers, the ones that feed most support bots, fetch the raw HTML and see an empty shell. So on exactly the sites people actually use in 2026, the bot is trained on markup the user never sees, and blind to the content they do.
A crawl is a photograph of your site taken once, from the outside. What you actually need is a knowledge base that keeps up with the site as it changes — and that sees what a real browser sees, not what a bot fetches.
Your website, answering for itself
Flocci Chat’s answer is disarmingly literal, and it doubles as the product’s tagline: your website, answering for itself. Instead of asking you to maintain the bot’s knowledge, it lets your real visitors’ browsing maintain it for you.
Here is the move. On day one, an operator crawl walks the conventional surface — sitemap, robots, llms.txt, docs — and gives the bot a baseline. From that point on, the widget does something crawlers can’t: as each real visitor opens a page, the embedded widget submits the fully-rendered DOM of that page — the finished, JavaScript-assembled thing the human is actually looking at — back into the knowledge base. And you can manually upload anything the other two channels miss.
Read that middle channel again, because it is the killer angle. The knowledge base self-completes over precisely the pages people care about, weighted by real traffic, and it does so on SPAs and no-code sites where a crawler sees a blank div. The visitors aren’t just consuming the knowledge base. They’re co-authoring it.
Sitemap, robots, llms.txt, and docs give the bot a baseline the moment you install it — no waiting for traffic to warm up.
The widget submits the fully-rendered DOM of every page a real visitor opens. Coverage grows over the pages that matter, and SPAs stop being a blind spot.
Fill the gaps the crawl and the traffic never reach — the seldom-visited policy page, the thing that isn’t on the site at all yet.
Hybrid vector plus lexical search with rerank. Embeddings are real (OpenAI) or the system falls back to lexical full-text search — never faked.
Grounded, and honest about it
An automatically-filled knowledge base is only trustworthy if the answers stay tethered to it, and this is where Flocci Chat earns the word grounded instead of just printing it on a landing page. Every answer is drawn from retrieved content, and the sources are shown. Retrieval is hybrid — semantic vector search and lexical full-text search, combined and reranked — so it catches both “what this means” and “the exact term you typed.”
The honesty is in the fallback. Semantic embeddings need a real provider; when one isn’t configured, the system doesn’t quietly pretend. It drops to lexical-only full-text search and says so, rather than fabricating a vector match. A bot that admits the shape of what it knows is worth ten that bluff. And when a question lands in low-confidence territory, it doesn’t roll the dice — it asks a clarifying question or escalates.
Support that never says “I’ll get back to you” — unless a human should
The escalation logic isn’t an afterthought bolted to the side; it’s a policy engine at the center. The Answer Policy Engine governs three decisions on every message: answer now, ask a clarifying question, or hand off to a human. It weighs persona, confidence, and whether a clarification would help — so the handoff fires because a human genuinely should take over, not because the bot got bored.
When it does hand off, the wiring is real. Policy-driven handoff routes to your ticket connectors and fires a support-email notification through the shared Flocci notification service, with verified delivery. The visitor at 2am gets a real thread with a real human attached, instead of the dead-end “I’ll get back to you” that everyone has learned to distrust.
- A message arrives
The visitor asks something. Retrieval pulls the relevant, cited passages from the self-filled knowledge base.
- The policy engine decides
Answer, clarify, or hand off — based on persona, confidence, and whether asking one more question would resolve it.
- Grounded answer, or graceful handoff
High confidence gets a cited answer. Ambiguity gets a clarifying question. A genuine gap gets routed to a ticket connector with a support email sent.
- Everything is observed
SLO events and hourly rollups feed the Reliability and Launch dashboards, so operators can govern answer quality instead of guessing at it.
From a Q&A box to a support agent
The most ambitious part of Flocci Chat is where it stops answering questions and starts doing things. Two mechanisms make that safe.
First, identity. flocciChat.identify(user, hmac) verifies a signed-in visitor using HMAC-SHA256 against your tenant’s identity secret — the same signed-handshake pattern that lets a bot safely say “your order” instead of “an order.” Without it, account-specific help is a security hole. With it, it’s a feature.
Second, agentic actions. A DeepSeek tool-calling loop runs built-in tools like create_support_ticket and get_my_support_tickets, plus tenant-configured actions that call your own API — stored per tenant, dispatched with X-Flocci-End-User-* headers so your backend knows exactly which verified visitor is asking. Track an order, check a subscription, hit any endpoint you expose. The widget crosses from “explains your product” to “operates on the visitor’s behalf.”
Do
- Verify signed-in visitors with the HMAC handshake before serving account-specific answers
- Configure tenant actions against endpoints you already trust, and let the widget call them with per-end-user headers
- Let the policy engine escalate — a clean handoff beats a confident wrong answer every time
- Watch the Reliability dashboard; it’s telling you where the knowledge base is thin
Don't
- Expect a one-time crawl to stay accurate — the passive ingestion is what keeps it honest
- Assume a JavaScript-rendered site is un-crawlable; that’s exactly the case this was built for
- Treat “grounded” as a slogan — check that answers show their sources, because these do
How it sits in the Flocci platform
Flocci Chat is white-label by construction: you set the widget’s name, colors, tone, and custom instructions per tenant, so it answers as your brand, not Flocci’s. Underneath, it’s multi-tenant by design — Postgres row-level security enforced per tenant via app.current_tenant_id, running on a remote Neon database rather than local-first. The shape is a Fastify backend, a Next.js dashboard, an embeddable widget package, and a shared package tying them together.
It plugs into the wider platform through the gateway with a refreshing candor about what it does and doesn’t adopt. It uses the shared notification service for handoff emails, and the shared Graph service — an event outbox plus a Redis-mesh relay emitting chat.message.answered, action.executed, and handoff.created. It deliberately does not yet route through the shared intelligence service (which lacks the streaming and tool-calling Chat leans on, so it calls DeepSeek directly via the OpenAI SDK), nor the shared identity service for operator auth (local JWT stays, for now). Those are honest, load-bearing choices, not gaps — the mark of a product that knows why each dependency exists.
The economics are equally plain: a free tier with 500 credits, one credit per visitor message, credit-based usage beyond that with every feature included. No enterprise-tier gate on the good parts.
Flocci Chat is for the website and product owners who want on-brand, verified, automated support without standing up an AI stack in-house — and especially for the teams running the modern, JavaScript-rendered web that older tools quietly can’t read. It is early in the places that are early, and it says so. But the foundation is the rare kind that gets more accurate the more it’s used, because the people it serves are the ones teaching it. The visitor at 2am isn’t a problem to deflect anymore. They’re the reason the next answer is right.
Frequently asked questions
How does Flocci Chat know about my website?
Three ways. An operator crawl (sitemap, robots, llms.txt, docs) covers your site on day one. After that, passive ingestion has the widget submit the fully-rendered DOM of every page your real visitors open, so coverage grows over the pages people actually use. And you can manually upload content to fill any gaps.
Will it work on my JavaScript-heavy or no-code site?
Yes. Because it learns from the fully-rendered page in the visitor's browser, it handles React, Vue, and no-code platforms — exactly the JavaScript-rendered sites where traditional crawlers see little or nothing.
How do I trust the answers? Does it make things up?
Every answer is drawn from retrieved content with the sources shown. Retrieval is hybrid vector plus lexical with reranking, and when semantic embeddings aren't enabled it falls back to lexical-only full-text search rather than fabricating — it never fakes retrieval. Low-confidence questions trigger a clarify step or escalation instead of a guess.
What happens when the AI can't help?
An Answer Policy Engine decides when to answer, when to ask a clarifying question, and when to hand off. Policy-driven handoff routes to your ticket connectors and sends a support-email notification, so a human picks up when a human should.
Can it give account-specific answers, like order status?
Yes. You can verify a signed-in visitor with an identity handshake (flocciChat.identify using HMAC-SHA256), then configure agentic actions that call your own API — with per-end-user headers — to track orders, check subscriptions, create support tickets, or hit any endpoint you expose.
/* Comments */
Comments are offline right now — we reconnect automatically, nothing is lost.