If you run a creator brand on Instagram, you already know: DMs are the bottleneck. Eighty messages on Monday. By Friday the cold leads are warm enough to have ordered from someone else. Meanwhile the easy questions — shipping, pricing, collab rates — keep filling the queue.
The good news: in 2026, around 80% of incoming DMs are automatable with AI. The tricky news: most of the tools marketing this sit outside the Instagram Terms of Service, which means you can burn your account if you pick the wrong stack. This post walks through the stack that works, the rules you have to follow, and how to set it up safely.
The outcome first
A working setup looks like this:
- A DM lands in your inbox. Within 3 seconds, AI reads it, classifies it (sales, fan, collab, spam, sensitive), and drafts a reply in your voice.
- If the AI's confidence is above your threshold (typically 0.85), it sends the reply automatically, or after a 60-second "review window" where you can cancel.
- If confidence is below the threshold, or the message is tagged sensitive, it queues for you to review in a simple approval list — a minute of scrolling on your phone.
- Everything is logged so the system learns what you send, don't send, edit, or delete.
In production, clients see 70–85% of DMs auto-handled inside the first two weeks. The remaining 15–30% — real humans asking nuanced things — get your attention. Which is the point.
The stack, piece by piece
Here's what actually sits underneath the experience:
Instagram Professional account ↓ (webhook) Meta Graph API · Messenger subscription ↓ Cloudflare Worker · receives & verifies ↓ Supabase · stores message + thread history ↓ Claude (Sonnet or Opus) · classifies + drafts ↓ Voice profile (Supabase row) · tone-tunes draft ↓ Confidence gate (threshold · tags) ├─ ≥ 0.85 → auto-send via Graph API └─ < 0.85 → push to approval queue (Telegram/SMS/web)
Each layer exists for a specific reason:
- Instagram Professional account. You cannot automate a personal account in any legal way. Converting to Creator or Business is a 30-second switch in Settings.
- Meta Graph API. The only API that Meta allows for inbox automation. Anything else (mobile-scraping, puppet accounts, "inbox managers" that log into your account with password) is against ToS and risks a ban.
- Cloudflare Worker. Cheap, fast, globally available. Verifies Meta's signature, which is required by the API.
- Supabase. Stores the thread, the user profile, the voice examples, the logs. Postgres under the hood.
- Claude. Claude's tool use + long context handles the classification and drafting in one call. Sonnet is fine; Opus is better for voice fidelity and costs more. We run Sonnet by default with Opus on the trickiest threads.
- Voice profile. A short JSON blob of 40–100 of your past DMs grouped by context (collab, sales, fan reply, refund). This is what makes the replies sound like you.
- Confidence gate. Claude returns a confidence score plus a "sensitivity" flag. You set the threshold. 0.85 is a good starting default.
- Approval queue. A simple web page or Telegram chat where you swipe through pending drafts and tap send. The one minute of daily review is what keeps the system trustworthy.
The Instagram ToS rules that matter
There are exactly four rules to respect. If you follow these, you're fine. If you don't, you can get banned — not by AI use, but by ignoring these.
- Use a Professional (Creator or Business) account. Personal accounts are off-limits for automation.
- Only reply inside the 24-hour window. Meta allows free-form messaging for 24 hours after the user's last inbound message. Outside that window, you can only send tagged messages (
HUMAN_AGENT,POST_PURCHASE_UPDATE, etc.) — which must be genuine, not marketing. - Use the official Graph API. No scraping. No mobile automation. No tools that require your Instagram password.
- Don't mass-message cold users. Automation is for replies and for conversations the user initiated. Cold outbound is banned and is how accounts get nuked fast.
AI automation is explicitly allowed. Spam is not. The line between the two is whether the user asked for the conversation.
If you stay inside these four rules, you're running the same API that brands with $500M marketing budgets run. You will not be banned for following the rules.
Assistant Pro is $599/mo — full Instagram DM automation, voice profile, Stripe invoices, content repurposing. We handle the Graph API app, the webhook, the hosting, the tuning. See Creator plans → or the AI Assistant service page.
Get a free AI audit →Building the voice profile
The single biggest lever on quality is the voice profile. A generic Claude reply sounds like a generic Claude reply. A reply tuned on your last 60 DMs sounds like you.
The process, concretely:
- Export a CSV of your last 200 outgoing DMs from Meta's data export.
- Label 40–100 by type:
sales_inquiry,collab_inquiry,fan_reply,refund,shipping,price_check,sensitive. - Pick 5–8 per category that represent you at your best.
- Store them in a Supabase
voice_profiletable with the category and a short note on when to use it. - At inference time, classify the incoming DM, pull the top 3 examples for that category, and inject them into the prompt as few-shot examples.
Do this once. Update it every 4–6 weeks as your voice shifts. That's the whole "voice training" people charge thousands for.
The confidence gate — what we actually check
Claude returns structured JSON on every draft. A typical response:
{
"category": "collab_inquiry",
"confidence": 0.91,
"sensitivity": "low",
"draft": "Hey! Thanks for reaching out …",
"escalate": false
}
Rules that fire an escalation regardless of confidence:
- Sensitivity is
mediumorhigh(mental health, refund dispute, legal). - The user has ordered from you in the last 30 days (high-trust customer).
- The message contains a dollar figure above $1,000.
- The thread has more than 6 messages (the conversation has depth — your brain helps).
Everything else auto-sends. The result is a 75–85% automation rate with almost no scary edge cases.
The 24-hour messaging window — a gotcha
Meta's 24-hour window is the rule that most homegrown bots fail on. Every inbound DM resets the clock. If 24 hours pass without a new inbound, you can only send "tagged" messages, and only for specific purposes (confirmations, account updates, human agent handoff).
In practice this means:
- Reply fast. Our default is < 30 seconds on auto-replies, < 2 hours on escalations.
- If a lead goes cold for 24 hours, do not follow up with "hey still interested?" — that's a new outbound cold message and it's against policy.
- Use the
HUMAN_AGENTtag only for real human takeover, not as a loophole.
Privacy and data
Your DM contents are private conversations. Treat them that way.
- Store thread history encrypted at rest. Supabase does this by default.
- Never send user DMs to a public LLM that trains on inputs. Use API endpoints that have a no-training clause (Anthropic and OpenAI both do on paid API tiers).
- Let your followers opt out if asked. A simple "type STOP and a human will take over" flow satisfies almost every reasonable request.
- Keep a retention policy. 90–180 days of DM history is plenty for context.
What this costs to run
A typical solo creator doing 1,000–3,000 DMs a month spends:
- Claude API: $8–$25/mo (Sonnet pricing in 2026).
- Cloudflare Workers: $0 at free-tier limits.
- Supabase: $0 on the free tier, $25 on Pro once you cross limits.
- Meta Graph API: free.
So the infrastructure is $10–$50/month. The real cost is the setup — which is where a managed service earns its price. Sovix Creator Pro at $599/mo includes this infrastructure, the tuning, the approval queue, and the ongoing API maintenance when Meta changes things (and they change things often).
The common traps
Patterns we see creators fall into:
- "Just use a ManyChat template." Fine for a welcome message. Useless for replies that sound like you.
- No approval gate. 100% auto-send sounds great until the bot sends the wrong price to a $15K brand partner.
- Training on bad examples. If your voice profile is pulled from your worst DMs, you get a bot that sounds like your worst self.
- Ignoring sensitive tagging. A bot reply to a grief DM is a PR incident.
- Running on a personal account. Don't. Switch to Creator. Two taps.
Short version
AI can safely automate 70–85% of Instagram DMs when you use the official Graph API, respect the 24-hour window, train a voice profile on your past replies, and keep a human approval gate. The infrastructure cost is tiny. The build effort is not — which is why most creators either run a managed setup or spend two weekends learning Graph API the hard way.
If you want the stack built for you, Creator Pro ships in 48–72 hours. Or grab the free AI audit and we'll show you what your volume looks like before you decide. Related reading: AI Assistant vs Virtual Assistant and What an AI personal assistant actually costs.
Last updated April 24, 2026.