— Agent · for the COO · CFO · Owner
Leak Detector.
Seven theft signals, ticket-level.
Seven ticket-level signals: void after payment, cash-only voiders, comp abuse, promo stacking, discount after close, day-of-week patterns, micro-comp pattern (modifier abuse proxy). Each name gets a composite risk score 0-100, sorted by severity.
— What it catches
The signals.
- •Void after payment — paid then voided. The classic skim.
- •Cash-only voiders — ≥80% voids on cash tender, ≥5 voids total
- •Comp abuse — above peer band or > 10% of own revenue comped
- •Promo stacking — two or more discounts on a single ticket
- •Discount after close — discount applied after ticket closed
- •Day-of-week patterns — ≥40% of voids cluster on one weekday
- •Micro-comp pattern — 10+ comps averaging under $5 each ("no charge add bacon")
— Data it needs
The input.
Ticket-level CSV (Toast Sales Detail / Square Transactions / Clover Reports) with Location, Employee, Ticket Total, Tender, Void/Comp/Discount columns. Optional Closed-At timestamp enables the day-of-week pattern detector.
— What you'll see
The output.
Seven color-coded signal cards · top-20 employee table sorted by composite risk score (red ≥ 50, orange ≥ 20).
— Sample signal
James Wilson · 6 void-after-payment tickets · 100% cash tender · Tue 6/6 · risk score 83.
— POS support
Works with your stack.
Toast Sales Detail · Square Transactions · Clover Reports (CSV today)
Don't see your POS? Drop a CSV at /trial — the parser auto-detects most column shapes. Or join the integration waitlist and we'll email you the moment the OAuth ships.