<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Joseph Kirika</title>
    <description>The latest articles on DEV Community by Joseph Kirika (@jchengecha).</description>
    <link>https://dev.to/jchengecha</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3957750%2Fb9fc5f1c-db92-4155-be55-8b88176defa2.jpeg</url>
      <title>DEV Community: Joseph Kirika</title>
      <link>https://dev.to/jchengecha</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/jchengecha"/>
    <language>en</language>
    <item>
      <title>The Scope Creep Email That Actually Works (And Why Generic Templates Fail)</title>
      <dc:creator>Joseph Kirika</dc:creator>
      <pubDate>Fri, 05 Jun 2026 15:01:14 +0000</pubDate>
      <link>https://dev.to/jchengecha/the-scope-creep-email-that-actually-works-and-why-generic-templates-fail-4eko</link>
      <guid>https://dev.to/jchengecha/the-scope-creep-email-that-actually-works-and-why-generic-templates-fail-4eko</guid>
      <description>&lt;p&gt;You know the message.&lt;/p&gt;

&lt;p&gt;The project is underway. You have a clear brief, a quoted price, and a deadline you both agreed on. Then it arrives:&lt;/p&gt;

&lt;p&gt;"Hey, can you also just quickly add..."&lt;/p&gt;

&lt;p&gt;Or: "While you're at it, could you..."&lt;/p&gt;

&lt;p&gt;Or the slow-burn version: "We were thinking the original plan could include a few extra things we forgot to mention."&lt;/p&gt;

&lt;p&gt;That moment is where most freelancers lose money. Not because they said yes. Because they did not know what to say instead.&lt;/p&gt;

&lt;p&gt;I have been there. The 45-minute rewrite spiral, sending something you are not happy with, and watching the project quietly expand while your rate effectively shrinks.&lt;/p&gt;

&lt;p&gt;Here is what I learned about why that keeps happening — and what to do instead.&lt;/p&gt;




&lt;h2&gt;
  
  
  Why Generic Scope Creep Templates Fail
&lt;/h2&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvko0pvt4vr48lf1zlmsp.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvko0pvt4vr48lf1zlmsp.png" alt="Side-by-side of the bad vs better email, styled like a code diff (red/green lines)" width="800" height="533"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Search "scope creep email template" and you will find dozens of versions that look roughly like this:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;"Hi [Client Name], I wanted to follow up regarding the additional requests. As per our original agreement, the scope of work included X. The new requests fall outside this scope and will require additional time and budget. Please let me know how you would like to proceed."&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;It is technically correct. It is also the email equivalent of a stop sign.&lt;/p&gt;

&lt;p&gt;Clients read that and feel accused. The tone signals conflict, not professionalism. Even reasonable clients get defensive when they receive language that sounds like it came from a legal department.&lt;/p&gt;

&lt;p&gt;The problem is that generic templates are written for a generic situation. Your scope creep moment has context, a relationship, a history, and a power dynamic that a copy-paste template cannot account for.&lt;/p&gt;

&lt;p&gt;When the email sounds like a template, the client knows it. And when the client knows it, the conversation becomes about the email — not the actual problem.&lt;/p&gt;




&lt;h2&gt;
  
  
  What Actually Happens When Scope Creep Starts
&lt;/h2&gt;

&lt;p&gt;Most freelancers handle it one of three ways:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;They absorb it.&lt;/strong&gt; They say nothing, do the extra work, and resent the client quietly. The invoice goes out for the original amount. The relationship survives but the freelancer loses.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;They push back badly.&lt;/strong&gt; A stiff email goes out, the client gets defensive, and there is an awkward dynamic for the rest of the engagement.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;They panic.&lt;/strong&gt; Forty-five minutes of drafting, rewriting, second-guessing. They eventually send something they are not happy with.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;None of those outcomes are good. The issue is not that freelancers lack courage. It is that they lack a clear framework for what the email should actually do.&lt;/p&gt;




&lt;h2&gt;
  
  
  What a Good Scope Creep Response Does
&lt;/h2&gt;

&lt;p&gt;A good scope creep email does five things, in order:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;Acknowledges the request without agreeing to it.&lt;/strong&gt; The client should feel heard, not attacked.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;References the original scope clearly.&lt;/strong&gt; Not accusatorily — factually. "The original brief covered X" is neutral. "As per our contract" sounds like a lawsuit.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Names the impact specifically.&lt;/strong&gt; Vague impact statements ("this will require additional resources") are easy to dismiss. Specific ones ("this adds roughly 6 hours") are not.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Offers a clear next step.&lt;/strong&gt; Do they approve additional budget? Remove something from the original scope? Wait until the next phase? Give them options, not a dead end.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Keeps the relationship intact.&lt;/strong&gt; You are not punishing the client for asking. You are being transparent about what their request means in practice.&lt;/li&gt;
&lt;/ol&gt;




&lt;h2&gt;
  
  
  The Formula: Acknowledge + Scope + Impact + Options + Next Step
&lt;/h2&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fps3z950zl10d2pu2284r.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fps3z950zl10d2pu2284r.png" alt=" A simple numbered diagram. Clean, shareable, pinnable." width="800" height="533"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Here is what that looks like applied to a real situation.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Bad version (generic template):&lt;/strong&gt;&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;Hi Sarah,&lt;/p&gt;

&lt;p&gt;As per our original agreement, the scope of work included the homepage, about page, and contact form. The additional pages you have requested fall outside this scope and will require additional time and budget. Please advise on how you would like to proceed.&lt;/p&gt;

&lt;p&gt;Regards,&lt;br&gt;
[Name]&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;&lt;strong&gt;Better version (formula applied):&lt;/strong&gt;&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;Hi Sarah,&lt;/p&gt;

&lt;p&gt;Happy to add the services page and team page to the project.&lt;/p&gt;

&lt;p&gt;Just to flag: the original brief covered the homepage, about page, and contact form. Adding two more pages brings the total to roughly 8 additional hours of work.&lt;/p&gt;

&lt;p&gt;Two options: I can quote the extra pages as a separate add-on (I will send numbers by end of day), or if the budget is fixed, we could move the contact form to phase two and use that time for the new pages instead.&lt;/p&gt;

&lt;p&gt;Let me know which direction works better and I will get it scheduled.&lt;/p&gt;

&lt;p&gt;[Name]&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;The second email does not sound defensive. It sounds like a professional who knows exactly what they are doing. The client gets options. The freelancer gets clarity. The relationship stays intact.&lt;/p&gt;




&lt;h2&gt;
  
  
  Common Mistakes Freelancers Make
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Waiting too long.&lt;/strong&gt; The longer you absorb scope creep without naming it, the harder it becomes to address.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Being vague about impact.&lt;/strong&gt; "This will take more time" is easy to dismiss. "This adds 4 hours at my standard rate of $X" is not.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Apologising for having a scope.&lt;/strong&gt; You do not need to say sorry for quoting the work you actually quoted.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Sending the email without a next step.&lt;/strong&gt; If the client does not know what to do after reading your email, they will do nothing.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Using "as per our agreement" or "as per our contract."&lt;/strong&gt; This language signals you are preparing for a dispute. Use it only if you actually are.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  The Harder Truth About Scope Creep
&lt;/h2&gt;

&lt;p&gt;Most scope creep does not start mid-project. It starts in the client's first message.&lt;/p&gt;

&lt;p&gt;Phrases like "should be simple," "budget TBD," "we can figure out the details as we go," and "there might be more work later" are early signals that the scope is not clear in the client's mind. When scope is unclear at the start, it expands during the project. Every time.&lt;/p&gt;

&lt;p&gt;The best scope creep email is the one you never have to send — because you caught the signals before you accepted the project.&lt;/p&gt;

&lt;p&gt;That is why I built FreelancerGuard with two tools, not one.&lt;/p&gt;

&lt;p&gt;The &lt;strong&gt;Red Flag Detector&lt;/strong&gt; scans client messages before you reply, scoring the risk across scope creep, payment risk, vague expectations, relationship red flags, and power imbalance. If the score is high, you know to ask clarifying questions before you quote.&lt;/p&gt;

&lt;p&gt;The &lt;strong&gt;Scope Creep Email Generator&lt;/strong&gt; handles the moment after. Paste the context, and it writes a calm, professional boundary-setting reply using the Acknowledge + Scope + Impact + Options + Next step formula. No panic. No rewrite spiral.&lt;/p&gt;

&lt;p&gt;Spot the risk. Send the boundary.&lt;/p&gt;

&lt;p&gt;Both tools are free to try at &lt;a href="https://freelancerguard.fyi" rel="noopener noreferrer"&gt;freelancerguard.fyi&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fxuaukrzbjt664k6rs0ab.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fxuaukrzbjt664k6rs0ab.png" alt="A mock FreelancerGuard scan result" width="800" height="892"&gt;&lt;/a&gt;&lt;/p&gt;




&lt;p&gt;&lt;strong&gt;Over to you:&lt;/strong&gt; What is the scope creep situation that cost you the most? A phrase that should have been a warning sign? Drop it in the comments — I am genuinely curious what patterns show up.&lt;/p&gt;




&lt;p&gt;&lt;em&gt;FreelancerGuard is a freelancer protection toolkit. The Red Flag Detector scores client inquiries before you engage. The Scope Creep Email Generator helps you respond professionally when scope needs protecting.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>freelance</category>
      <category>productivity</category>
      <category>career</category>
      <category>webdev</category>
    </item>
    <item>
      <title>The Exploit Chains of Freelancing: 3 Dangerous Client Red Flag Combinations</title>
      <dc:creator>Joseph Kirika</dc:creator>
      <pubDate>Thu, 04 Jun 2026 16:52:22 +0000</pubDate>
      <link>https://dev.to/jchengecha/the-exploit-chains-of-freelancing-3-dangerous-client-red-flag-combinations-267e</link>
      <guid>https://dev.to/jchengecha/the-exploit-chains-of-freelancing-3-dangerous-client-red-flag-combinations-267e</guid>
      <description>&lt;p&gt;In software engineering, we understand the concept of a code smell.&lt;/p&gt;

&lt;p&gt;A single long method is not necessarily a disaster. An untested utility file is not ideal, but it will not crash the server. However, when you combine a long method, global state, and zero test coverage in a critical payment gateway, you have a ticking time bomb.&lt;/p&gt;

&lt;p&gt;In security, this is called an exploit chain. One minor vulnerability is a bug; chained together, they become a catastrophic security breach.&lt;/p&gt;

&lt;p&gt;I learned this the hard way when I started freelancing. Client communication has its own exploit chains.&lt;/p&gt;

&lt;p&gt;A single red flag is often just a warning or a sign of an inexperienced client. But when specific red flags pair up, they form toxic combinations that almost always lead to unpaid invoices, infinite scope creep, or burnout.&lt;/p&gt;

&lt;p&gt;If you are currently taking on freelance dev work or independent contracts, these are the three most common exploit chains to watch for in early client messages.&lt;/p&gt;




&lt;h3&gt;
  
  
  1. The "Urgent Discounter"
&lt;/h3&gt;

&lt;h4&gt;
  
  
  The Chain: Extreme Urgency + Budget Squeeze
&lt;/h4&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fedcdfqqd9q2attmybscb.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fedcdfqqd9q2attmybscb.png" alt="A Slack-style direct message with “URGENT: discounter” highlighted in bold red, followed by a request to launch a big, time-sensitive promotion." width="800" height="533"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;You get a DM or email that reads something like this:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;&lt;em&gt;"We need a React developer to jump in and finish this landing page by Friday. It is mostly done, just needs a few tweaks. Our budget is pretty tight right now, but we have a ton of venture-backed work coming down the pipeline next month if this goes well."&lt;/em&gt;&lt;/p&gt;
&lt;/blockquote&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Flag A (Extreme Urgency):&lt;/strong&gt; They need it by Friday. Rushed timelines require a premium rate because you are displacing other work, working overtime, and absorbing their poor planning.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Flag B (The Discount Hook):&lt;/strong&gt; They want a cheap rate now in exchange for vague "future work" promises.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Why this combination is toxic:&lt;/strong&gt;&lt;br&gt;
Urgency and discounts are structurally incompatible. High-speed delivery requires high-trust, high-budget execution. When you accept both, you agree to work stressful, underpaid hours under a tight deadline for a client who does not value your time. If anything goes wrong, even a minor delay outside your control, they will often refuse to pay, citing the missed deadline.&lt;/p&gt;




&lt;h3&gt;
  
  
  2. The "Vague Architect"
&lt;/h3&gt;

&lt;h4&gt;
  
  
  The Chain: Broad Scope + Resistance to SOWs
&lt;/h4&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Foepwjeqt8ifmxcqh6kx5.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Foepwjeqt8ifmxcqh6kx5.png" alt=" captures the irony perfectly: the “CORE SYSTEM” sits in the middle, surrounded by clouds, servers, APIs, dashboards, payment gateways, and a rocket labeled “FAST GROWTH”" width="800" height="533"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;The initial conversation feels exciting because the vision is massive:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;&lt;em&gt;"We are building a platform like Airbnb but for pet owners. It should be simple to start. Let us not get bogged down in formal contracts and detailed requirements docs right now; we trust you. Let us just start building on an hourly basis and figure out the details as we go."&lt;/em&gt;&lt;/p&gt;
&lt;/blockquote&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Flag A (Vague/Massive Scope):&lt;/strong&gt; Comparing a project to a multi-billion dollar platform while calling it "simple."&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Flag B (No Spec/Contract):&lt;/strong&gt; Wanting to skip the "bureaucracy" of defining what is explicitly in and out of scope.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Why this combination is toxic:&lt;/strong&gt;&lt;br&gt;
Without a structured contract or Statement of Work to act as your system spec, scope creep is a statistical certainty.&lt;/p&gt;

&lt;p&gt;Because the requirements are vague, the client's mental model of the project will constantly shift. To them, "a simple pet platform" naturally includes payment gateways, messaging systems, and real-time maps. To you, those are three separate microservices. Without a written agreement defining the boundaries of your relationship, every dispute over "what is included" ends in unpaid revisions.&lt;/p&gt;




&lt;h3&gt;
  
  
  3. The "Trust-Me Gambler"
&lt;/h3&gt;

&lt;h4&gt;
  
  
  The Chain: Equity/Rev-Share + Immediate IP Demand
&lt;/h4&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ft3b6cbba3qc2w233pp5c.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ft3b6cbba3qc2w233pp5c.png" alt="A metaphor for moving code and intellectual property responsibly." width="800" height="533"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;This one is common in startup and indie hacker spaces:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;&lt;em&gt;"We cannot pay an upfront deposit, but we are offering 10% equity in a SaaS that is guaranteed to launch next month. We just need you to hand over the full source code and push it to our production repo so we can present it to investors this weekend."&lt;/em&gt;&lt;/p&gt;
&lt;/blockquote&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Flag A (Zero Upfront Cash / Equity Only):&lt;/strong&gt; Asking you to absorb 100% of the financial risk.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Flag B (Immediate IP/Code Handoff):&lt;/strong&gt; Demanding raw files or repository ownership before any value or security is established.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Why this combination is toxic:&lt;/strong&gt;&lt;br&gt;
In professional dev work, intellectual property transfers after the invoice is cleared. When a client asks for equity only, they are gambling with your time. When they combine that with a demand for immediate repository access or full IP handoff before any milestones are met, you lose your only leverage. Once they have the code, you have nothing left to negotiate with.&lt;/p&gt;




&lt;h3&gt;
  
  
  How to Build a "Linter" for Your Client Communications
&lt;/h3&gt;

&lt;p&gt;When you are looking for work, your brain naturally wants to ignore these red flags because you want to land the project. You convince yourself that "this time will be different" or "the client seems really nice."&lt;/p&gt;

&lt;p&gt;Just as you use linters and compilers to catch bugs before code hits production, you need a lightweight system to vet client requests before they cost you real time and money.&lt;/p&gt;

&lt;p&gt;I built a free tool for this: &lt;a href="https://freelancerguard.fyi" rel="noopener noreferrer"&gt;FreelancerGuard.fyi&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;It works like a static analysis tool for your freelance business. Paste a suspicious DM, email, or Upwork brief into the Red Flag Detector and it parses the message for toxic combinations, flagging hidden payment risks, unrealistic scope expectations, and power imbalances before you hop on a call or waste time drafting a proposal.&lt;/p&gt;

&lt;p&gt;And if a project starts creeping mid-cycle, I also built a Scope Creep Email Generator to help you write warm, professional, but firm responses that turn "just one quick change" into a paid change order.&lt;/p&gt;

&lt;p&gt;A pause button between the message and the mistake.&lt;/p&gt;




&lt;h3&gt;
  
  
  Over to you
&lt;/h3&gt;

&lt;p&gt;What is the worst red flag chain you have encountered? Have you ever had a single warning sign turn into a complete project disaster? Drop it in the comments.&lt;/p&gt;

</description>
      <category>freelance</category>
      <category>discuss</category>
      <category>webdev</category>
      <category>career</category>
    </item>
  </channel>
</rss>
