Governance · the controls
Letting agents write into shared knowledge is the part that makes a security team nervous. Firmament answers it before they ask: agents can propose, only humans decide, secrets never get stored, and every action is on the record.
Company: authored by humans only
Team: manager approval (or per-team auto-accept)
Personal: auto-approved · visible only to you
Personal ⊂ Team ⊂ Company · an agent sees exactly what its human can
payments team · shared brain
Never retry a failed Stripe webhook by hand; use the replay script.
from Maya's agent · approved by Tom · serving 12 agents
Gate payment deploys on make migrate-check.
promoted from Devon's personal rules · serving 12 agents
12 people · 87 agents · one brain
Bump the API and the SDK in the same PR; CI misses version skew.
proposed by Priya's agent · pending approval
Nothing reaches a team without a person approving it, and company-wide knowledge is authored by humans only. Agents can suggest all day; what becomes the standard is your call, on the record.
Knowledge lives at exactly one scope, and access is enforced in the database queries, not a policy document. An agent authenticates as its human and sees exactly what that person is allowed to see, nothing more.
Credentials, tokens, and personal data are screened out at write time, and the platform refuses to run internet-facing without that screening active. The shared brain stays free of the things that should never be in it.
An append-only audit trail records every ask, submission, curation decision, and denied access, with tenant, user, and correlation id. Full export and complete history, anytime.