GTM, Enterprise and the 1,000 Paper Cuts
Launch end-to-end, sell to enterprises and protect developer trust
Own launch end-to-end with PMM
After this you can run a developer-product launch from checklist to feedback loop.
At Cursor there is no launch team waiting downstream of you. The PM who built the feature is the one who ships it, writes the changelog and watches the first hour of telemetry.
The JD is blunt about this: you own launch execution end-to-end with Product Marketing. That word with is doing real work. PMM is a partner who sharpens the narrative and runs the channels, not a function you hand the feature to so you can move on. You still drive the date, the gating, the rollback call and the story.
For a tool developers open every morning, a launch is not an announcement. It's a change to a workflow people already trust, so the bar is whether the new thing earns its place without breaking the old one.
The GTM checklist you actually ownnot a handoff doc
A launch checklist for a developer tool is mostly about readiness, not promotion. The flashy post is the last 10%. The other 90% is making sure the thing works, is documented, is priced and won't generate a support fire you can't put out.
- Workstream
- Product
- What you own
- The feature works on real codebases, behind a flag, with a clean default off-state
- What "ready" looks like
- Dogfooded internally for days, known edge cases listed, off-switch tested
- Workstream
- Docs
- What you own
- Accurate docs and an in-product entry point a developer can self-serve
- What "ready" looks like
- A skeptical engineer can find it and succeed without talking to anyone
- Workstream
- Changelog
- What you own
- The developer-facing story: what it does, why it exists, how to try it
- What "ready" looks like
- Concrete, honest, demo-able in one screenshot or one command
- Workstream
- Pricing / packaging
- What you own
- Whether it's free, gated or enterprise-only, decided before launch not after
- What "ready" looks like
- No surprise repricing; the gating decision is defensible to both segments
- Workstream
- Support readiness
- What you own
- Support and the community team know what's shipping and the top three likely issues
- What "ready" looks like
- A canned answer and an escalation path exist on day zero
| Workstream | What you own | What "ready" looks like |
|---|---|---|
| Product | The feature works on real codebases, behind a flag, with a clean default off-state | Dogfooded internally for days, known edge cases listed, off-switch tested |
| Docs | Accurate docs and an in-product entry point a developer can self-serve | A skeptical engineer can find it and succeed without talking to anyone |
| Changelog | The developer-facing story: what it does, why it exists, how to try it | Concrete, honest, demo-able in one screenshot or one command |
| Pricing / packaging | Whether it's free, gated or enterprise-only, decided before launch not after | No surprise repricing; the gating decision is defensible to both segments |
| Support readiness | Support and the community team know what's shipping and the top three likely issues | A canned answer and an escalation path exist on day zero |
PMM amplifies the changelog and runs channels; you are accountable for every row being true.
Rollout sequencing with kill criteriaearn the next ring of exposure
You don't flip a feature to every Cursor user at once and hope. You expand the blast radiusHow much breaks if a change goes wrong; the scope of potential damage. in rings and each ring has to earn the next one. The discipline that separates a builder-PM from a roadmap-PM is writing the kill criteria before you start, so the rollback decision is a number, not an argument.
- 1Dogfood. Ship it to the team and to internal heavy users first. If your own engineers route around it, it isn't ready for anyone.
- 2Closed beta. A self-selected slice of real users behind a flag. Watch acceptance and retention on the feature, not just clicks.
- 3Staged GA. Roll to 5%, then 25%, then 100%, holding at each step long enough to read the data and the forums.
- 4Define kill criteria up front. e.g. "if Tab acceptance drops more than X% or p95 latency regresses past the budget, we pull it." Written before launch, not negotiated mid-incident.
- 5Keep the off-switch live. Until GA is stable, rolling back has to be one config change, not a hotfix and a deploy.
Interactive diagram. Tab through its regions; each focused region shows its detail in the panel below.
Each ring earns the next; kill criteria are the gate you write before you start.
A new feature that helps 80% of users but regresses the core editing loop for 20% is a net loss for a daily-use tool. Latency and correctness in the existing workflow outrank the new capability. If your rollout metric is only adoption of the new thing, you'll miss the trust you're quietly burning in the path everyone already depends on.
Close the loop in publicthe launch isn't done at GA
Developers notice when a vendor ships and disappears and they notice when one ships and listens. The feedback loop is part of the launch, not a cleanup phase after it. Capture signal fast, triage it and be visible about what you're changing.
- Telemetry
- Acceptance rate, retention on the feature, latency, error rates - the unsentimental truth about whether it's working
- Forum / community
- The forum, Discord and the subreddit where developers say what they actually think, fast and unfiltered
- Support tickets
- The bugs and confusion that became real enough for someone to write in
- Your own usage
- You're a heavy user; if it annoys you on day three, it annoys everyone
Triage daily in the first week. A fix shipped in 48 hours buys more trust than the launch post did.
“I'd dogfood it, run a flagged beta, then stage GA at 5/25/100 with kill criteria written down before launch - acceptance and p95 latency on the core loop, not just adoption of the new feature. PMM and I co-own the changelog, but I'm watching telemetry and the forum the first week and shipping a fix in 48 hours if something's off. The launch isn't done at GA; it's done when the curve is stable and people trust it.”
When asked how you'd launch a feature, resist the marketing-plan answer. Lead with readiness and rollout safety, name your kill criteria as numbers and frame PMM as a co-owner you drive alongside. That sequence tells the hiring team you've actually shipped to real users, not managed a launch from a slide.
Takeaway. You own the launch end-to-end: readiness across product/docs/changelog/pricing/support, a ringed rollout with kill criteria written before you start and a public feedback loop - PMM is a co-owner you drive, not a handoff.
Self-check
QYou're launching a new agent capability to all Cursor users. What's the single most important thing to define before you ship and why?
Individual vs enterprise
After this you can reason about serving two very different audiences from one product.
The individual developer wants to stay in flow. The enterprise wants control over what that developer's tool can see and do. Same product, two jobs that pull in opposite directions.
The JD calls out setting direction across individual and enterprise audiences and deciding what to build, cut and in what order. That's the hardest framing in the role, because the two segments don't just want different features - they often want the absence of each other's features. An admin control that reassures a CISOChief Information Security Officer. The executive who owns security; usually the hardest and most important person to win over. can feel like friction to the developer it constrains.
Different jobs, not different polishthe buyer and the user diverge
Interactive diagram. Tab through its regions; each focused region shows its detail in the panel below.
Same product; the user and the buyer pull in different directions.
- Dimension
- Core job
- Individual developer
- Flow state - fast, low-friction, stays out of the way
- Enterprise
- Trust at scale - security, governance, predictability
- Dimension
- Who decides
- Individual developer
- The user is the buyer; they churn in one click
- Enterprise
- A CISOChief Information Security Officer. The executive who owns security; usually the hardest and most important person to win over. and procurement buy; the user often can't opt out
- Dimension
- What delights
- Individual developer
- Speed, taste, the agent just working on their repo
- Enterprise
- SSOSingle Sign-On. One company login (usually via SAML or OIDC) instead of a separate password per tool., audit logs, controls that pass a security review
- Dimension
- What scares them
- Individual developer
- Latency, wrong edits, anything that breaks their muscle memory
- Enterprise
- Code or context leaving their boundary, an un-auditable tool
- Dimension
- Time horizon
- Individual developer
- Value in the first session or they bounce
- Enterprise
- Pilots, security reviews, multi-quarter rollouts
| Dimension | Individual developer | Enterprise |
|---|---|---|
| Core job | Flow state - fast, low-friction, stays out of the way | Trust at scale - security, governance, predictability |
| Who decides | The user is the buyer; they churn in one click | A CISOChief Information Security Officer. The executive who owns security; usually the hardest and most important person to win over. and procurement buy; the user often can't opt out |
| What delights | Speed, taste, the agent just working on their repo | SSOSingle Sign-On. One company login (usually via SAML or OIDC) instead of a separate password per tool., audit logs, controls that pass a security review |
| What scares them | Latency, wrong edits, anything that breaks their muscle memory | Code or context leaving their boundary, an un-auditable tool |
| Time horizon | Value in the first session or they bounce | Pilots, security reviews, multi-quarter rollouts |
The individual is the wedge; the enterprise is the durable revenue. You have to keep loving the first without starving the second.
Enterprise table stakesthe checklist that gates the deal
A lot of enterprise work isn't glamorous product - it's the controls that let a security team say yes. These rarely show up for the individual user, but their absence ends an enterprise conversation before it starts. Know what's actually table stakes versus what's differentiating.
Privacy mode and a clear data-retention story - what is sent, stored, trained on.
Zero-data-retention options and SOC 2-style attestations.
The first question a CISOChief Information Security Officer. The executive who owns security; usually the hardest and most important person to win over. asks: does our code leave our boundary?
SSOSingle Sign-On. One company login (usually via SAML or OIDC) instead of a separate password per tool. / SAMLAn enterprise standard that powers single sign-on., team and seat management, role-based access.
Org-level policy: which models, which features, which data settings.
Audit and usage visibility for the admin who has to answer for it.
Options that fit the customer's risk posture and data-residency needs.
Procurement, legal and vendor-review readiness.
Predictable behavior across a large, heterogeneous org.
A plan that maps to how the org buys, not just per-seat self-serve.
Centralized billing and provisioning.
Room for the enterprise motion without repricing the individual.
Gating without punishing either sidethe packaging decision
The classic mistake is gating something behind the enterprise tier that the individual experience genuinely needs or cluttering the individual product with controls only admins want. Good packaging puts each capability where it belongs: flow-state features stay ungated and frictionless, governance features live in the admin layer where developers never see them.
- Helps the developer work
- Keep it in the core product, ungated. Don't tax flow to drive upgrades.
- Controls or audits the developer
- Put it in the enterprise/admin layer, invisible to the individual.
- Costs real money per use
- Meter it transparently; surprise bills erode trust faster than any paywall.
- Only an org would ever want
- Enterprise-only is fine here - individuals don't miss what they'd never use.
The test: would gating this make a solo developer feel punished? If yes, find another lever.
When an enterprise need should - and shouldn't - bend the roadmapsequencing under pressure
A large prospect will ask for things. Some of those requests are real signals about the next 50 customers; some are one logo's idiosyncrasy dressed up as a trend. Reading the difference is most of the judgment in this part of the job.
- The enterprise ask
- A security control every large org will need
- Bend the roadmap?
- Yes
- The reasoning
- It's table stakes that unblocks a whole segment, not one deal
- The enterprise ask
- A workflow many enterprises independently asked for
- Bend the roadmap?
- Probably
- The reasoning
- Repeated, independent demand is a real signal worth sequencing in
- The enterprise ask
- A bespoke integration only this customer uses
- Bend the roadmap?
- Rarely
- The reasoning
- High cost, narrow value; offer a workaround or a paid services path
- The enterprise ask
- Something that degrades the individual experience
- Bend the roadmap?
- No
- The reasoning
- Protect the wedge; the individual product is why enterprises want you
| The enterprise ask | Bend the roadmap? | The reasoning |
|---|---|---|
| A security control every large org will need | Yes | It's table stakes that unblocks a whole segment, not one deal |
| A workflow many enterprises independently asked for | Probably | Repeated, independent demand is a real signal worth sequencing in |
| A bespoke integration only this customer uses | Rarely | High cost, narrow value; offer a workaround or a paid services path |
| Something that degrades the individual experience | No | Protect the wedge; the individual product is why enterprises want you |
Distinguish a segment-unlocking requirement from a single account's special request.
Cursor lands in enterprises because individual developers already love it and bring it to work. If you degrade the individual experience to chase enterprise revenue, you kill the exact thing that makes the enterprise want you. The order matters: keep the developer experience exceptional, then build the controls that let an org adopt it safely.
When the onsite asks "what would you build for individual vs enterprise," don't list features for each. Name the tension first - flow vs. control, user-as-buyer vs. CISOChief Information Security Officer. The executive who owns security; usually the hardest and most important person to win over.-as-buyer - then show your sequencing rule: keep the developer experience ungated, build governance in the admin layer and bend the roadmap only for segment-wide needs. If you've shipped an enterprise developer product before, this is where you ground it in a real example.
Takeaway. Individual and enterprise want opposite things - flow vs. control - so keep flow-state features ungated, build governance in the admin layer and bend the roadmap only for segment-wide needs that protect, not punish, the developer wedge.
Self-check
QAn enterprise prospect says they'll sign for 5,000 seats if you build a custom integration only they use. Sales is pushing hard. How do you reason about it?
Customers, sales and high-stakes demos
After this you can work directly with customers and the field and demo under pressure.
A builder-PM at Cursor doesn't get product signal filtered through three layers. You're in the room with the customer, sometimes driving the demo yourself, sometimes fielding the question sales can't.
The JD has you working directly with customers, sales and field engineering, including high-stakes accounts. The phrase that anchors the whole posture is in the role context: polished but gritty. You can sit in an enterprise sales conversation without losing the credibility of someone who actually builds and uses the product. That credibility is your edge in the room and it's why they want a technical PM there at all.
Discovery that turns into product, not notesyou're there to learn, then to ship
Sales runs discovery to close; you run discovery to find the next thing to build. The two overlap, but your job is to leave with a sharpened understanding of the customer's workflow and where the tool breaks for them - and to come back with a change, not a Notion doc nobody reads.
- 1Watch the real workflow. Ask them to show you how they actually code today, where the tool helps and where they route around it. Observed behavior beats stated preference.
- 2Find the breakpoint. Identify the one place the experience fails for this team - a stack, a repo size, a missing control - and get it concrete with an example.
- 3Separate the symptom from the need. A request for feature X often hides a deeper job; restate the job in your own words and confirm it.
- 4Close the loop. Tell them what you heard, what you'll do and when. Then actually ship something and come back. That's what turns a customer into a believer.
Brainstorm the funnel with the codebase as ground truththe code is the most honest source
Before you go ask a customer or a data scientist anything, ask the product. When you're reasoning about a funnel - say BugbotCursor's automated PR reviewer that posts inline findings and can push fix commits from isolated VMs. onboarding and activation - Cursor can describe the status quo exhaustively: every feature-flag nuance, the data states a user can fall into, whether an analytics event is even instrumented the way you assumed and why an inconsistency exists in the numbers. That used to mean pulling an engineer or staring at code for hours. Now it's a near-instant, grounded answer you feed straight into the product decision.
“I'm actually just like brainstorming with Cursor on that because it can basically just tell me what is the status quo very exhaustively much more than I could.”
The codebase tells you what is, not what users want. Brainstorming with Cursor replaces the hours of code-archaeology and the "is this event even firing?" round-trips, not the customer conversation. Use it to walk into discovery already knowing how the funnel actually behaves, so your questions get sharper instead of basic.
Partner with the field on high-stakes accountsyou amplify them, you don't replace them
Sales owns the deal and the relationship; field engineering owns the technical depth on the ground. You bring product authority and the ability to commit (carefully) to direction. The failure mode is a PM who freelances in front of the customer and undercuts the account team, so coordinate before you walk in.
- Agree on roles before the meeting: who runs it, who handles objections, where you step in.
- Bring what only a PM can - the why behind the product and a credible read on what's coming, without over-promising a roadmap.
- Take the technical questions that stump the account team and be honest when the answer is "not yet, here's the workaround."
- Feed everything back to the field as synthesized signal, so the next account benefits without you in the room.
Run the demo when the stakes are higha tight value story, live, on their world
A high-stakes demo is not a feature tour. It's a story with one protagonist - the customer's own problem - solved in front of them. The most persuasive thing you can do with a developer audience is run Cursor live on a task that looks like their work and let the result speak.
- Demo move
- Open with their problem
- Why it lands
- They see themselves in the first 30 seconds
- The failure mode it avoids
- A generic feature walkthrough nobody remembers
- Demo move
- Run it live on a realistic task
- Why it lands
- Engineers trust what they watch work, not slides
- The failure mode it avoids
- A canned recording that screams "it only works in the demo"
- Demo move
- Show the verify-and-review loop
- Why it lands
- Proves it's a trustworthy workflow, not a magic box
- The failure mode it avoids
- An over-promise that collapses on their first hard repo
- Demo move
- Handle the hard question honestly
- Why it lands
- Builder credibility survives a "can't do that yet"
- The failure mode it avoids
- Bluffing, which a technical room detects instantly
| Demo move | Why it lands | The failure mode it avoids |
|---|---|---|
| Open with their problem | They see themselves in the first 30 seconds | A generic feature walkthrough nobody remembers |
| Run it live on a realistic task | Engineers trust what they watch work, not slides | A canned recording that screams "it only works in the demo" |
| Show the verify-and-review loop | Proves it's a trustworthy workflow, not a magic box | An over-promise that collapses on their first hard repo |
| Handle the hard question honestly | Builder credibility survives a "can't do that yet" | Bluffing, which a technical room detects instantly |
The goal is one undeniable moment where a skeptic in the room sees their own work get easier.
Never bluff a technical question in a high-stakes demo. A room full of engineers will catch it and the moment they do, every other claim you made becomes suspect. "That's not supported today - here's the workaround and it's on our radar" keeps your credibility intact. Honesty under pressure is the polished-but-gritty signal in action.
“For a high-stakes demo I'd open with their problem, not our feature list, then run Cursor live on a task that mirrors their codebase - including the review-and-verify step so it lands as a trustworthy workflow. When a hard question comes that we can't do yet, I say so and give the workaround. With a developer audience, a watched live win and an honest 'not yet' beat any polished deck.”
If the loop puts you in a demo or customer-conversation scenario, show that you'd turn the signal into a shipped change, not a report - and that you'd coordinate with the account team rather than freelance. Naming "polished but gritty" explicitly and proving it with an honest "not yet" in a tough moment, maps you directly to the trait the JD calls out.
Takeaway. In the room you're a technical PM who turns discovery into shipped changes, amplifies the account team instead of freelancing and wins high-stakes demos by running Cursor live on the customer's own problem and answering hard questions honestly.
Self-check
QMid-demo to a major prospect, a senior engineer asks whether Cursor handles their specific monorepo setup and you know it doesn't yet. What do you do?
The 1,000 paper cuts
After this you can build a system to surface, sequence and ship trust-protecting fixes.
A single wrong autocomplete at the wrong moment teaches a developer not to trust the next one. In a tool used thousands of times a day, the small stuff is the product.
The JD names this directly: kill the 1,000 paper cuts, the small quality issues that erode developer trust. It's listed as a responsibility because at Cursor's stage, the gap between "impressive" and "indispensable" is mostly a long tail of tiny frictions. A flashy new feature wins a headline; fixing the cursor jump that fires on every save wins the daily habit.
Why small bugs hit so hard herefrequency × trust
Trust in a developer tool is asymmetric. A great suggestion is expected; a wrong one that mangles your file is remembered. Because the tool sits in the inner loop of someone's work, the cost of a paper cut isn't one annoyance - it's multiplied by how often the developer hits it and how much it makes them doubt the tool.
A bug a user hits once a month is an annoyance. The same bug in the autocomplete loop, hit forty times a day, is a reason to turn the feature off - and a developer who turns one feature off starts doubting the rest. Frequency is the multiplier that turns a "minor" bug into a trust problem. That's why paper-cut triage can't rank by severity alone.
Source the paper cutsmake the invisible visible
You can't fix what you can't see and most paper cuts never become a formal ticket - the developer just sighs and works around them. So you go find them across four channels and you treat your own daily usage as a first-class source because you are exactly the user.
Tickets, the forum, Discord, the subreddit.
Cluster the repeated complaints; the same sigh from many people is a priority.
You're a heavy user - log the friction the moment it annoys you.
If it bugs you on day three, it's biting thousands silently.
Reject/undo spikes, rage patterns, features quietly toggled off.
The data shows the cuts nobody bothered to report.
Sales and field engineering hear the quiet deal-killers.
An enterprise paper cut can stall a whole rollout.
Investigate the symptom yourself with an observability MCPyou don't have to wait for an engineer
A paper cut often shows up as a vague symptom: one user's data looks wrong, a state seems impossible. At Cursor the observability stack is Datadog, and the speaker leans on the Datadog MCPModel Context Protocol. A standard that lets an AI agent pull in context from outside the repo, like Jira tickets or internal docs. heavily - Datadog ships a Cursor/VS Code extension that installs the MCP for you. With it plugged in you hand Cursor a user ID or a wrong-data report and tell it to investigate. It sifts the logs, lines up timestamps, resolves what it finds against the actual code and comes back with a thorough analysis - often more thorough than you'd manage by hand, and a far more ergonomic interface than clicking around the Datadog UI.
“I use the Datadog MCPModel Context Protocol. A standard that lets an AI agent pull in context from outside the repo, like Jira tickets or internal docs. extremely heavily. They actually have a Cursor or a VS Code extension that you can install that should also install their MCP.”
Triage by trust impact, not by who's loudestseverity × frequency × trust
The trap is fixing the bug the loudest person filed instead of the one quietly hurting the most users. A simple scoring lens keeps you honest: how bad is it when it hits, how often does it hit and how much does it make people distrust the tool. The third factor is the one most teams forget and it's the one that matters most for a daily-use product.
- Factor
- Severity
- What you're asking
- How bad is the outcome when it happens?
- Why it counts
- A mangled file outranks a cosmetic glitch
- Factor
- Frequency
- What you're asking
- How often does a typical user hit it?
- Why it counts
- A small bug in the inner loop beats a big one in a rare path
- Factor
- Trust impact
- What you're asking
- Does it make people doubt or disable the tool?
- Why it counts
- The factor that turns a paper cut into churn signal
- Factor
- Fix cost
- What you're asking
- How cheap is it to actually close?
- Why it counts
- Cheap, high-trust fixes are the best impact you have
| Factor | What you're asking | Why it counts |
|---|---|---|
| Severity | How bad is the outcome when it happens? | A mangled file outranks a cosmetic glitch |
| Frequency | How often does a typical user hit it? | A small bug in the inner loop beats a big one in a rare path |
| Trust impact | Does it make people doubt or disable the tool? | The factor that turns a paper cut into churn signal |
| Fix cost | How cheap is it to actually close? | Cheap, high-trust fixes are the best impact you have |
Score on all four. The loudest voice is one input, not the ranking.
Interactive diagram. Tab through its regions; each focused region shows its detail in the panel below.
The loudest report is one input, not the ranking - trust impact is the factor most teams forget.
Drive closure, not ticketsthe hard part is finishing
Filing the paper cut is the easy 20%. The reason these bugs persist is that they're individually small enough to always lose to the next big feature, so they rot in a backlog forever. The PM's real job here is to manufacture the conditions where they actually get fixed.
- Batch them into a recurring quality budget - a standing slice of eng time so paper cuts compete against each other, not against the headline feature.
- Make the long tail visible to leadership as a trust metric, so "polish" has a number behind it instead of being a vibe.
- Drive each one to closed and verified in production, not "merged" - for a daily-use tool, the fix only counts when users stop hitting it.
- Celebrate the closes the way launches get celebrated, so the team feels the quality work is valued, not invisible.
Track paper cuts to verified-in-production, not to "merged" or "closed." The whole point is that the user stops hitting the friction. A bug that's marked done but still fires for real users in the field is worse than untracked, because now everyone believes it's handled. Confirm on real telemetry that the cut actually stopped bleeding.
Own the small fixes yourselfPMs and designers push the P2s and P3s
The most reliable way to make sure paper cuts get fixed is to stop waiting for someone else to fix them. At Cursor, PMs and product designers own a lot of the frontend and UX and iterate on it very autonomously - they push code for the small things the team is never going to get to, the P2s, the P3s, the one-line UI tweaks. It's not a fantasy reserved for engineers. With a dev environment set up, it's a very doable place to get to.
There's also no blank-page tax on the way in. Because you start from the ticket or PRDProduct Requirements Document. The spec describing what to build and why. and point Cursor at it to define a plan - and often the PR itself - you're rarely cold-starting. You pick up work from an agent's investigation or a near-complete draft and take it from there.
“Every time someone starts actually building something they can essentially start with like a 90% of the PR complete or an entire plan or architecture diagram.”
The setup that makes this safe is a short loop: background agents pick up the small Linear tickets, BugbotCursor's automated PR reviewer that posts inline findings and can push fix commits from isolated VMs. reviews their output, and you test it in a local dev environment before it ships. That review gate is what lets a non-engineer push code without lowering the quality bar. The payoff is less deliberation - anyone with an opinion can just make the change and judge it in the running product instead of arguing about it in a meeting.
Interactive diagram. Tab through its regions; each focused region shows its detail in the panel below.
From ticket to verified-in-production without a cold start - Bugbot is the review gate that keeps the bar high.
Have one real story ready of a quality bar you held - a small fix you fought for and shipped that earned user trust. Tell it with the system, not just the heroics: how you found it, why you ranked it over louder work using frequency and trust impact and how you drove it to verified-in-production. That narrative proves taste and ownership at once, which is exactly what this round tests.
Takeaway. Small bugs erode trust because frequency multiplies them in the inner loop - so source paper cuts from support/usage/telemetry/field, rank by severity × frequency × trust impact rather than loudest voice and drive each one to verified-in-production with a standing quality budget.
Self-check
QYou have two bugs: a dramatic crash that affects a rare workflow once a week and a tiny autocomplete glitch in the core editing loop that fires for most users dozens of times a day. Eng can only take one this cycle. Which do you push and how do you justify it?