Skip to main content
Platform / Governance

Govern what the coworker can do.

Risk tiers, cross-surface approvals, identity federation, memory policies, and a Control Tower dashboard — so autonomy stays accountable as you scale.

Risk Tiers

Every action, classified T0 to T5.

Each tool carries a tier. Policies resolve in three levels — platform defaults → team overrides → agent-specific rules — and the gold tiers are where a human steps in.

T0Unrestricted

No policy enforcement. Development and testing.

T1Logged

Actions logged but not blocked.

T2Warned

User warned before sensitive actions.

T3Reviewed

Actions queued for async review.

T4Approved

Real-time human approval required before execution.

T5Blocked

Action category entirely prohibited.

The Controls

Six levers, one policy surface.

Policy engine

6 risk tiers (T0–T5) with 3-level policy resolution: platform defaults, team overrides, and agent-specific rules. Egress controls restrict which external services agents can call.

Cross-surface approvals

Consequential actions pause and route an approval to the right person — the on-call engineer (PagerDuty / Opsgenie), then the requester's manager from your org chart, then team owners. Decide from Slack, an email reply, or the web; the decision propagates everywhere in real time.

Identity federation

Map users from Slack, Microsoft Azure AD, Google Workspace, and OIDC providers to ZenSearch identities. Permission-aware retrieval respects document-level RBAC across all surfaces.

Memory policies

Control what the coworker remembers: scope (team vs. user), retention periods, visibility rules, and write hygiene (rate limiting, deduplication, type validation).

Audit logging

Every tool execution logged with redacted parameters. A reasoning trace records why the agent chose each action. Persisted for compliance review.

Extension registry

Centralized registry for connectors, tools, integrations, and MCP servers. Admins control which extensions each team can access.

Control Tower

One dashboard for everything it does.

Monitor connector health, track costs, triage failures, and manage automation schedules from a single admin surface.

Connectors

Health status, sync schedules, error rates

Model Costs

Per-team, per-model usage and spend

Agents

Execution stats, tool usage, error rates

Automations

Schedule status, last run, next run

Failed Runs

Triage queue with error context

Sync Monitoring

Document counts, pipeline throughput

Get Started

Autonomy,
accountable.

Start with sensible defaults. Add policy as your needs grow.