Govern what the coworker can do.
Risk tiers, cross-surface approvals, identity federation, memory policies, and a Control Tower dashboard — so autonomy stays accountable as you scale.
Risk Tiers
Every action, classified T0 to T5.
Each tool carries a tier. Policies resolve in three levels — platform defaults → team overrides → agent-specific rules — and the gold tiers are where a human steps in.
No policy enforcement. Development and testing.
Actions logged but not blocked.
User warned before sensitive actions.
Actions queued for async review.
Real-time human approval required before execution.
Action category entirely prohibited.
The Controls
Six levers, one policy surface.
Policy engine
6 risk tiers (T0–T5) with 3-level policy resolution: platform defaults, team overrides, and agent-specific rules. Egress controls restrict which external services agents can call.
Cross-surface approvals
Consequential actions pause and route an approval to the right person — the on-call engineer (PagerDuty / Opsgenie), then the requester's manager from your org chart, then team owners. Decide from Slack, an email reply, or the web; the decision propagates everywhere in real time.
Identity federation
Map users from Slack, Microsoft Azure AD, Google Workspace, and OIDC providers to ZenSearch identities. Permission-aware retrieval respects document-level RBAC across all surfaces.
Memory policies
Control what the coworker remembers: scope (team vs. user), retention periods, visibility rules, and write hygiene (rate limiting, deduplication, type validation).
Audit logging
Every tool execution logged with redacted parameters. A reasoning trace records why the agent chose each action. Persisted for compliance review.
Extension registry
Centralized registry for connectors, tools, integrations, and MCP servers. Admins control which extensions each team can access.
Control Tower
One dashboard for everything it does.
Monitor connector health, track costs, triage failures, and manage automation schedules from a single admin surface.
Connectors
Health status, sync schedules, error rates
Model Costs
Per-team, per-model usage and spend
Agents
Execution stats, tool usage, error rates
Automations
Schedule status, last run, next run
Failed Runs
Triage queue with error context
Sync Monitoring
Document counts, pipeline throughput
Get Started
Autonomy,
accountable.
Start with sensible defaults. Add policy as your needs grow.