Prompt

Flag renewal risk on existing customers

A Claude prompt that scans your customer book for deterioration signals — executive departures in the buying group, layoffs in the function we serve, M&A as the acquired party, lawsuits, security incidents. The signals that precede a churn conversation by 60-90 days, not 30. Built for CS leadership running early-warning across the book.

The expansion prompt and the renewal-risk prompt run against the same customer book, with opposite questions. Sometimes both fire on the same account at the same time. That mixed picture is the real CSM intelligence — not a single score, but two simultaneous reads.

Once Lusha is connected in Claude, the connector runs in the background — no special syntax needed. Just paste the customer book and run.

Images on this webpage are for illustrative purposes only. Any named individuals shown in live demo outputs are real, with last names abbreviated for privacy.

 

The prompt

<context>
I'm a CSM, CS leader, or AM. I want to scan my customer book for the events that precede churn — leadership departures, layoffs, M&A as the acquired party, lawsuits, security incidents — so I have 60-90 days of warning instead of 30.

For each customer, I'll provide:
- Account name or domain
- Renewal date (or quarter)
- Original buyer / champion (name and role)
</context>

<task>
1. Take this customer book (one row per customer, with renewal date and original champion):
   [PASTE LIST]

2. For each customer, use Lusha's signals layer to scan the last 90 days for renewal-risk triggers:
   - Executive departures (especially the original champion or their manager)
   - Headcount decreases (layoffs, restructuring)
   - M&A as the acquired party (acquirers consolidate stacks)
   - Lawsuits filed against the company (financial / governance risk)
   - Security incidents (operational distraction, vendor scrutiny increases)
   - Sustained hiring freeze in the function we serve (budget contracting)
   - C-suite turnover beyond a single role (broader instability)

3. For each customer, return:
   - Customer name and renewal date
   - Original champion status (still in role, departed, manager changed)
   - Risk triggers fired
   - Trigger dates
   - Risk angle — one sentence on what this means for the renewal
   - Recommended save play (executive sponsor escalation, value reinforcement, contract restructure)

4. Rank customers by risk severity:
   - HIGH — original champion departed OR 2+ risk triggers fired in the window
   - MEDIUM — 1 risk trigger fired that doesn't involve the original champion
   - LOW — minor risk signal (single security issue, isolated departure outside buying group)
   - STABLE — no risk signals in window

5. Surface any customer where BOTH expansion AND risk triggers have fired. These are the highest-priority CSM conversations — opportunity and risk firing simultaneously is the moment the executive sponsor decides.
</task>

<constraints>
- The original champion departing is the single strongest risk trigger. A new buyer in their seat means re-selling the value of the product from week one.
- M&A as the acquired party is the second strongest. Acquirers typically review every vendor contract in the first 12 months post-close.
- Do not invent risk events. Surface only what Lusha returns.
- A customer with no triggers is STABLE — that's data, not absence of data.
- When expansion signals (from the customer expansion prompt) and risk signals fire on the same account, surface both. Mixed-state accounts are the highest-priority CSM conversations.
</constraints>

What you'll get back

Input: 5-account customer book. Each customer scoped with renewal date and original champion. Window — last 6 months.

Output: 1 HIGH, 1 MEDIUM with mixed-state flag, 1 LOW, 2 STABLE. Below is the real result from running the prompt against the live Lusha connector.

High risk

Snowflake — RENEWAL RISK: HIGH (mixed-state with expansion)

  • Renewal Q3, original champion was in the GTM function under Mike Gannon (former CRO)
  • Risk triggers fired:
    • Original buyer’s manager departed — Mike Gannon left as CRO for personal reasons, replaced by Jonathan Beaulier (March 31, 2026)
    • 70 layoffs in technical writing (March 2026) — public messaging cited AI as the reason, signaling broader cost discipline
    • Multiple class-action securities lawsuits filed by Schall Law Firm, Bronstein Gewirtz, RGRD Law, Faruqi & Faruqi (March-April 2026)
    • Two additional senior departures — Caroline Van Cleemput to Fortinet, Bryan Abou-Rjaily to AtScale as CRO
  • Risk angle: The CSM’s existing champion is now reporting to a brand-new CRO who has no relationship to the original purchase decision. Combined with active securities litigation and announced layoffs, the company is in a public cost-discipline narrative. Vendor reviews are a high probability inside the first 90 days of the new CRO.
  • Mixed-state flag: Expansion signals ALSO firing. This is the same account that scored READY in the customer expansion prompt — three AI acquisitions, new CSTO role, AI data layer rebuild. The opportunity and the risk are firing simultaneously.
  • Recommended save play: Executive sponsor escalation in week 3-6 of the new CRO’s tenure. Lead with usage data and impact metrics, position the renewal as the foundation for the AI data layer scope expansion. Don’t let the renewal go to the new CRO’s first vendor review without a pre-briefing from the original champion.

Medium risk

MongoDB — RENEWAL RISK: MEDIUM (mixed-state with expansion)

  • Renewal Q4, original champion in the corporate sales vertical
  • Risk triggers fired:
    • CEO transition — Dev Ittycheria stepped down November 10, 2025, replaced by CJ Desai. (The former CEO Max Schireson is now at Battery Ventures.)
    • Regional Sales Director Jascolka departed in May 2026 to Wonderful
    • Incoming CRO Ryan Mac Ban starts April 27, 2026 (new role, not a departure, but adds to leadership turbulence)
  • Risk angle: Three leadership changes in the GTM function inside 6 months, including the CEO. The original champion is still in role but reports into a structure that is being rebuilt. The renewal conversation will happen in a different reporting line than the original purchase.
  • Mixed-state flag: Expansion signals ALSO firing. Incoming CRO is also Prompt 7’s strongest expansion trigger. Same person, same arrival, different lens.
  • Recommended save play: Schedule a “leadership-onboarding briefing” with the original champion as co-presenter. Get the value story in front of the new CRO before the renewal cycle starts.

Low risk

Notion — RENEWAL RISK: LOW

  • Risk triggers fired:
    • Security issue (April 2026) — public pages found leaking user emails and profile pictures
    • Global outage (December 2025) — Cloudflare-driven, not a Notion-direct event
  • Risk angle: Operational distraction, not a churn signal. The security issue is the kind of event that increases vendor scrutiny across the board (Notion’s stack will be reviewed; ours might be too). Not urgent for renewal, but worth a proactive conversation in the next QBR.
  • Recommended save play: Reach out with a security/governance brief from our side. Position our compliance footprint as a stability anchor during their incident response window.

Stable

  • Verkada — no renewal-risk triggers in the 6-month window. The funding round, EMEA expansion, and Sales/Engineering hiring surges are all expansion-positive. Continue normal cadence with expansion play (see Prompt 7).
  • Together AI — no renewal-risk triggers in the 6-month window. Funding negotiation in progress is positive context. Continue normal cadence.

20 credits consumed for the full risk scan across 5 customers. The HIGH and MEDIUM accounts are now in escalation. The STABLE accounts return on the next monthly run.

Built by: Lusha
Time to build: 1 min
Difficulty: Easy
Tools: Claude
Copy your API key

Why use Lusha in Claude

Renewal risk is a 90-day-warning problem disguised as a 30-day-surprise problem. The signals that predict churn are visible months before the renewal call, but they hide in places CSMs don’t monitor without a structured scan. Three patterns repeat across every CS book.

The original champion is the highest-value signal. A customer who renews you because the original buyer is still in the seat is a stable renewal. A customer where the original buyer left and was replaced by someone who didn’t sign the contract is a renewal-at-risk by structural definition — the new person inherits the budget line but not the conviction behind it. The prompt surfaces champion status first because nothing else matters as much.

Layoffs and lawsuits change the renewal conversation from “renew at growth” to “renew flat or down.” A customer in active cost discipline will look at every vendor line item. A customer in litigation will scrutinize every contract clause. The signals do not predict churn directly — they predict scope reduction, term reduction, and price pressure. All of which are renewal-risk events even when the customer technically renews.

Mixed-state accounts are the most important to surface. A customer with expansion signals AND risk signals firing is the account where the CSM’s executive sponsor needs to make a call. Lead with expansion and the risk gets ignored. Lead with risk and the expansion opportunity gets lost. The right move is to surface both at the same time so the strategy gets set deliberately. The Snowflake row in the demo is the canonical case — three AI acquisitions building toward expansion AND a new CRO, layoffs, plus active securities litigation. Both are real. Both matter. Both inform the same conversation.

Stable accounts confirm the scan worked. A monthly run that flags 3 of 5 accounts is a working scan on a noisy book. A monthly run that flags 5 of 5 every month means the trigger threshold is too loose. A monthly run that flags 0 of 5 every month means the scan isn’t catching real signals. The prompt’s output distribution is itself a calibration signal for the CS leader.

Data drawn from Lusha’s signals layer, built on 300M+ verified contacts and millions of company records under GDPR, CCPA, SOC 2, ISO 27701, ISO 31700, and TRUSTe.

FAQ

  • How is this different from the customer expansion prompt?

    The expansion prompt scans the same customer book for opportunity signals — events that mean buy more. This prompt scans for deterioration signals — events that mean stay flat, scope down, or churn. Same book, same signal layer, opposite question. Both should run monthly. Mixed-state accounts where both fire are the most important CSM conversations.

  • What's the strongest renewal-risk signal?

    The original champion or their manager leaving the company. A new person in the buying seat means the value of the product has to be re-sold from week one. Every other signal — layoffs, lawsuits, M&A — increases scrutiny but doesn’t reset the buying conviction the same way a personnel change does.

  • How early should I run this before a renewal date?

    90 days minimum, 180 days ideal. Running the scan 30 days before renewal catches problems too late to act on. 90 days gives the CSM time to escalate to an executive sponsor, schedule a re-pitch with the new leader, or restructure the contract. 180 days catches structural risk (acquisitions, leadership transitions) far enough out to influence the deal shape.

  • Should I run this against my whole book or just the top tier?

    Monthly against the top tier, quarterly against the rest. The signal scan is credit-efficient enough to run book-wide, but the CSM follow-through has limits. Triggered HIGH-risk accounts in lower tiers can be batch-handled (template outreach, manager-level escalation). Triggered HIGH-risk in top tier accounts need named human action.

  • What if the customer's M&A is them acquiring someone else, not being acquired?

    That’s an expansion-positive signal (the customer is consolidating, often deepens existing relationships) and surfaces in the expansion prompt, not this one. The risk version of M&A is the customer being acquired — different conversation entirely.

  • Can the prompt detect renewal risk that's not in the news?

    The signals layer indexes events that have been publicly reported. Internal cultural shifts, manager-level frustration, product satisfaction declines — these are not in the signals layer. They show up in the CSM’s own customer conversations, NPS data, and CRM notes. The prompt complements those signals; it doesn’t replace them. The strongest renewal-risk picture combines this scan with internal CS data.

Related Plays

Ready to build this?

Get started with Lusha and set up this play in minutes.

Start for free