How to build real-time customer change-event emission for multi-location AI agents

The 4-skill bundle on the event-ops agent

One agent. Four coordinated skills. The Capture + Emit + Propagate + Audit bundle runs above the streaming + CDC + schema-registry + warehouse + reverse-ETL substrate and writes one canonical per-event record under Outbox Pattern + Event Sourcing + CQRS + per-event causal ordering.

Compliance overlay

Five anchors run per-event before any consumer-impacting downstream action. The first anchor is operationally distinctive: CloudEvents 1.0 + AsyncAPI 2.6 + Outbox Pattern + Event Sourcing + CQRS + per-event causal ordering (Lamport + vector clock + HLC) + idempotent at-least-once + exactly- once semantics.

FAQ

What is real-time customer change-event emission — and what is the at-least-once-times-GDPR-Article-22 propagation problem distinctive to this skill?

A multi-location operator runs 32 AI agents on 30+ vendor systems. Each agent observes customer state and routes downstream actions. When a customer state changes (purchase + loyalty tier transition + DSAR submission + consent withdrawal + churn signal + cross-sell signal + per-vertical sensitive-data flag), the change must propagate to every downstream agent in near-real-time. The four-skill bundle on the event-ops agent — Capture, Emit, Propagate, Audit — sits above the streaming substrate (Apache Kafka + Confluent + AWS MSK + Azure Event Hubs + Google Cloud Pub/Sub + Vercel Queues + RabbitMQ + Redis Streams + NATS + Apache Pulsar) + CDC (Debezium + Maxwell + Striim + Fivetran + per-database connector: PostgreSQL logical replication + MySQL binlog + MongoDB Change Streams + DynamoDB Streams + SQL Server CDC + Oracle GoldenGate) + schema-registry + warehouse + reverse-ETL and writes a per-event canonical record. The operationally distinctive anchor: CloudEvents 1.0 specification (per CNCF) + AsyncAPI 2.6 + Outbox Pattern + Transactional Outbox per Chris Richardson + Saga Pattern + Event Sourcing + CQRS + per-event causal ordering (Lamport timestamp + vector clock + hybrid logical clock HLC per Leslie Lamport 1978) + idempotent at-least-once processing + per-event deduplication + per-event exactly-once semantics via two-phase commit. Plus GDPR Article 22 right not to be subject to automated decision + Article 28 data processor + Article 30 records of processing + Article 33 72-hour breach + 17-state DSAR propagation (per #584 versioned customer history substrate) + HIPAA Marketing Rule 45 CFR 164.508(a)(3) when event drives marketing.

Why do Apache Kafka + Confluent + AWS MSK + Vercel Queues + Debezium + Maxwell + Segment + Salesforce Data Cloud break at 32-agent real-time customer-event scale?

Each streaming vendor ships per-tenant flat topic + partition + retention primitives. Each CDC vendor ships flat change-data-capture stream. Each CDP ships flat unified profile. None coordinates Outbox Pattern + Transactional Outbox + Saga Pattern + Event Sourcing + CQRS + per-event causal ordering (Lamport + vector clock + HLC) + idempotent at-least-once processing + per-event deduplication + per-event exactly-once semantics. None enforces CloudEvents 1.0 + AsyncAPI 2.6 + Confluent Schema Registry + Apicurio + AWS Glue Schema Registry + Buf Schema Registry schema-discipline + per-event versioning. None gates per-event against GDPR Article 22/28/30/33 + 17-state DSAR propagation + HIPAA Marketing Rule + EU AI Act Article 22 + Annex III + SOX. None writes a per-event audit trail with causal-ordering proof + regulatory-defense retention. The four-skill bundle Capture + Emit + Propagate + Audit sits above the streaming + CDC + schema-registry + warehouse + reverse-ETL substrate — it does not replace it.

How does Capture + Emit work with Outbox Pattern + Event Sourcing + per-event causal ordering?

Capture runs per-portfolio per-banner per-vendor-system per-customer change-data-capture: CDC via Debezium + Maxwell + Striim + Fivetran + Airbyte + Stitch + Hevo + Striim + per-database (PostgreSQL logical replication + MySQL binlog + MongoDB Change Streams + DynamoDB Streams + SQL Server CDC + Oracle GoldenGate + CockroachDB CDC). Per-source per-table per-row change capture. Transactional Outbox + Outbox Pattern per Chris Richardson + Saga Pattern + Event Sourcing + CQRS. Per-change Lamport timestamp + vector clock + hybrid logical clock (HLC) per Leslie Lamport 1978 for causal ordering. Per-change idempotent ID + deduplication key + exactly-once-semantics via two-phase commit + compensating transactions. Emit runs per-event normalization via CloudEvents 1.0 specification + AsyncAPI 2.6 + Apache Avro + Protobuf + JSON Schema + Confluent Schema Registry + Apicurio + AWS Glue Schema Registry + Buf Schema Registry. Per-event publication to Apache Kafka + Confluent Cloud + AWS MSK + Azure Event Hubs + Google Cloud Pub/Sub + Vercel Queues + RabbitMQ + Redis Streams + NATS + ZeroMQ + Apache Pulsar. Per-event downstream processing via Kafka Streams + Apache Flink + Apache Beam + Spark Structured Streaming + Axon Server + EventStoreDB.

What does Propagate + Audit do?

Propagate runs per-event downstream propagation across the 32-agent swarm + 30+ vendor systems via reverse-ETL (Segment + mParticle + Tealium + Lytics + RudderStack + Hightouch + Census) + workflow orchestration (Temporal + AWS Step Functions + Azure Durable Functions + GCP Workflows + Camunda + Zeebe + Argo Workflows + Airflow + Prefect + Dagster + Mage). Per-event downstream subscriber list + per-subscriber delivery status + per-subscriber retry policy + per-subscriber dead-letter queue + per-event SLA. DSAR propagation through #584 versioned customer history substrate. Gate runs 5 anchors per-event before any consumer-impacting downstream action. (1) CloudEvents 1.0 + AsyncAPI 2.6 + Outbox + Event Sourcing + CQRS + per-event causal ordering (Lamport + vector + HLC) + idempotent + exactly-once + deduplication. (2) GDPR Article 6/7/22/28/30/32/33 + EU-US DPF + SCCs + UK IDTA + 17-state DSAR propagation + LGPD + DPDP + PIPEDA + Quebec Law 25 + CCPA + CPRA + COPPA + 18-state + Washington MHMDA + Texas SCOPE + state biometric. (3) HIPAA 45 CFR 164.502/504/514/308/312 when MedicalBusiness event includes PHI + HIPAA Marketing Rule 164.508(a)(3) when event drives marketing + GLBA + FCRA Section 611 + per-vertical (ABA Model Rule 7.1-7.5 + FINRA Rule 2210 + SEC Regulation FD). (4) EU AI Act Article 22 + 26 + 50 + Article 13/14/15 + Annex III when AI-ML event-processing drives consumer-impacting routing + Article 6/27 FRIA + DSA + DMA + ECOA Reg B + 4/5ths rule + Title VII + Fair Housing + EEOC AI Guidance + NYC Local Law 144. (5) SOX 302/404/906 when public-company customer-event material to financial reporting + COSO + Exchange Act 13(b)(2) + FASB ASC 606 + SEC Reg S-K + FTC Endorsement Guides + Pfizer 1972 + CFPB UDAAP + state UDTPA + FDD Item 12 + 18 USC 1030 CFAA + DMCA 17 USC 1201. Audit writes a per-event WORM canonical record: change-capture source + Lamport/HLC timestamp + Outbox transaction ID + CloudEvents envelope + AsyncAPI schema version + downstream subscriber list + delivery status + retry policy + per-anchor gate-pass + per-vertical applicability + AI-ML provenance + EU AI Act FRIA. Storage: AWS S3 Object Lock + Azure Blob immutable + GCS + Wasabi WORM. Retention: 7-year FTC + 7-year IRS + 7-year HIPAA + 6-year SEC + 3-year FINRA + 7-year SOX + GDPR Article 30 + EU AI Act Article 12 + SOC 2 CC7/CC8.

What does this skill connect to on the event-ops agent and across the swarm?

On the event-ops agent: real-time change-event emission from master record across multi-location portfolios (sibling build-pillar) + idempotent dedup CRM record creation (sibling build-pillar) + per-field conflict resolution policy (sibling build-pillar). Across the swarm: versioned customer history for DSAR (#584 same GDPR + identity substrate + DSAR propagation) + multi-stream severity routing (#578 same regulatory-clock + durable-streaming substrate) + multi-vendor receipt joining (#585 same identity-resolution substrate) + vendor changelog feed ingestion (#569 same streaming + CDC substrate) + governance-decision-router five-destination routing + master-record. Build-pillar siblings: tiered pre-filter deterministic gates for AI content compliance + marketing AI autonomy profile configuration + per-vertical compliance overlay. Commercial-pillar parent: /event-driven-architecture.

What does the 6-workstream pre-engagement-baseline reporting cycle look like for this skill?

Every two weeks during the Tier 3 Fractional CMO with AI Swarm engagement, six workstreams report against the pre-engagement baseline. Workstream 1: per-portfolio streaming + CDC substrate coverage — Kafka + Confluent + AWS MSK + Debezium + Maxwell + per-database CDC connector + schema-registry + catalog. Workstream 2: Capture per-source flow — per-source CDC volume + Outbox transaction ID + Lamport/HLC timestamp + idempotent ID. Workstream 3: Emit per-event normalization — CloudEvents 1.0 + AsyncAPI 2.6 + Avro/Protobuf/JSON Schema + schema-registry + per-event versioning. Workstream 4: Propagate per-event downstream flow — reverse-ETL + workflow orchestration + per-subscriber delivery status + retry + DLQ + SLA + DSAR propagation. Workstream 5: Regulatory-defense audit coverage — CloudEvents + AsyncAPI + Outbox + Event Sourcing + CQRS + causal ordering + GDPR Article 22/28/30 + 17-state DSAR + HIPAA Marketing + EU AI Act Article 22 + SOX. Workstream 6: FBC feedback-loop pattern-learning — per-event realized-vs-predicted propagation + per-subscriber delivery match-rate + per-jurisdiction enforcement-update.

Related reading

• Parent commercial pillar: event-driven architecture
• Sibling build-pillar: versioned customer history for DSAR (#584 DSAR propagation)
• Sibling build-pillar: multi-stream severity routing (#578 same durable-streaming substrate)
• Sibling build-pillar: vendor changelog feed ingestion (#569 same streaming + CDC substrate)
• Fractional CMO with AI Swarm
• AI Readiness Assessment