Review a PR for thread-safe request handling

## PR review / debugging prompt (backend) You are reviewing a pull request that introduces a `CustomerRequest` class used by a web service to build and send an **external HTTP request** to a downstream system. The PR has these characteristics: - `CustomerRequest` contains **many fields** (customer identifiers, metadata, optional attributes), most of them **mutable**. - The class is used in a **multi-threaded** context (e.g., requests may be processed concurrently; some instances may be shared via caches/singletons by mistake). - The implementation uses **low-level concurrency primitives**, including at least one `volatile` field to coordinate state (e.g., a lazily initialized token / header map / serialized payload). - The class also triggers or prepares an **external request** (e.g., constructs an HTTP payload, may call a downstream dependency). ### Task 1. List the **main issues/risks** you would call out in the PR (correctness, thread-safety, maintainability, performance, testability, reliability). 2. Propose a **cleaner design** for this request building + external call flow. 3. Describe what you would ask the author to change, including: - safer concurrency patterns (what to avoid, what to use instead) - API/OO design improvements (immutability, validation, builders, separation of concerns) - reliability requirements for the external call (timeouts, retries, idempotency, circuit breaking) - how you would test it (unit/integration/concurrency tests) Assume Java/Kotlin/C#-style server-side development, but keep the answer language-agnostic where possible.