BraiFlow CRM

Product Documentation

Operational documentation to run the platform in production: onboarding, business processes, governance and execution standards.

AI Agents

Agent setup, supervision and guardrails.

Target Audience

Admins and reviewers supervising autonomous or assisted agents.

Prerequisites

  • Agent roles and approval permissions assigned.
  • Action execution policy approved by compliance.
  • Monitoring dashboard access enabled.

Module Positioning

Governed agent orchestration with approval and safety limits.

Priority Use Cases

  • Assisted mode recommendations for operators.
  • Auto mode for low-risk repetitive actions.

Operating Model

  • Approval workflow required for high-impact actions.
  • Track action logs and rollback playbook.

KPI

  • Agent action approval latency.
  • Execution success ratio with zero cross-tenant leak.

Recommended Path

Follow chapters in order to move from configuration to production execution.

  1. 1. Agents Overview

    Goal: Agents Overview

    Agents Overview formalizes a mission-critical standard for this module.

    Expected Outcome

    After this chapter, the team can standardize "Agents Overview" with measurable controls for governed AI usage.

    • Agent portfolio is mapped by business objective.
    • Operational evidence is captured for Agents Overview.

    Quick Validation

    Validate via UI flow and API probe (/api/v1/agents), then confirm expected permissions and logs.

    • Each agent has owner, scope and rollback path.
    • Run one positive and one negative scenario before sign-off.
    • Validate behavior with non-admin permissions.

    Risk To Avoid

    Do not move to chapter 2 before edge cases and access scope are confirmed for this step.

    • Running agents with undefined ownership.
    • Skipping audit/log validation for this chapter.
    • Promoting to production without rollback path.

  2. 2. Create Agent

    Goal: Create Agent

    Create Agent formalizes a mission-critical standard for this module.

    Expected Outcome

    After this chapter, the team can standardize "Create Agent" with measurable controls for governed AI usage.

    • Agent creation starts from constrained mission statement.
    • Operational evidence is captured for Create Agent.

    Quick Validation

    Validate via UI flow and API probe (/api/v1/agents), then confirm expected permissions and logs.

    • Input/output contract and permissions are explicit.
    • Run one positive and one negative scenario before sign-off.
    • Validate behavior with non-admin permissions.

    Risk To Avoid

    Do not move to chapter 3 before edge cases and access scope are confirmed for this step.

    • Overly broad mission and unrestricted actions.
    • Skipping audit/log validation for this chapter.
    • Promoting to production without rollback path.

  3. 3. Configure Agent

    Goal: Configure Agent

    Configure Agent formalizes a mission-critical standard for this module.

    Expected Outcome

    After this chapter, the team can standardize "Configure Agent" with measurable controls for governed AI usage.

    • Configuration sets hard limits for execution context.
    • Operational evidence is captured for Configure Agent.

    Quick Validation

    Validate via UI flow and API probe (/api/v1/agents), then confirm expected permissions and logs.

    • Allowed tools/actions are whitelisted.
    • Run one positive and one negative scenario before sign-off.
    • Validate behavior with non-admin permissions.

    Risk To Avoid

    Do not move to chapter 4 before edge cases and access scope are confirmed for this step.

    • Config drift between staging and production.
    • Skipping audit/log validation for this chapter.
    • Promoting to production without rollback path.

  4. 4. Monitoring

    Goal: Monitoring

    Monitoring formalizes a mission-critical standard for this module.

    Expected Outcome

    After this chapter, the team can standardize "Monitoring" with measurable controls for governed AI usage.

    • Monitoring focuses on behavior drift and risk patterns.
    • Operational evidence is captured for Monitoring.

    Quick Validation

    Validate via UI flow and API probe (/api/v1/agents), then confirm expected permissions and logs.

    • Approval latency and failure causes are tracked.
    • Run one positive and one negative scenario before sign-off.
    • Validate behavior with non-admin permissions.

    Risk To Avoid

    Do not move to chapter 5 before edge cases and access scope are confirmed for this step.

    • Watching volume only, ignoring quality signals.
    • Skipping audit/log validation for this chapter.
    • Promoting to production without rollback path.

  5. 5. Assisted vs Auto Mode

    Goal: Assisted vs Auto Mode

    Assisted vs Auto Mode formalizes a mission-critical standard for this module.

    Expected Outcome

    After this chapter, the team can standardize "Assisted vs Auto Mode" with measurable controls for governed AI usage.

    • Mode selection matches risk class and maturity.
    • Operational evidence is captured for Assisted vs Auto Mode.

    Quick Validation

    Validate via UI flow and API probe (/api/v1/agents), then confirm expected permissions and logs.

    • Escalation from auto to assisted is documented.
    • Run one positive and one negative scenario before sign-off.
    • Validate behavior with non-admin permissions.

    Risk To Avoid

    Do not move to chapter 6 before edge cases and access scope are confirmed for this step.

    • Using auto mode for high-impact first releases.
    • Skipping audit/log validation for this chapter.
    • Promoting to production without rollback path.

  6. 6. Security & Limits

    Goal: Security & Limits

    Security & Limits formalizes a mission-critical standard for this module.

    Expected Outcome

    After this chapter, the team can standardize "Security & Limits" with measurable controls for governed AI usage.

    • Security boundaries are enforceable and testable.
    • Operational evidence is captured for Security & Limits.

    Quick Validation

    Validate via UI flow and API probe (/api/v1/agents), then confirm expected permissions and logs.

    • Cross-tenant and privilege escalation tests pass.
    • Run one positive and one negative scenario before sign-off.
    • Validate behavior with non-admin permissions.

    Risk To Avoid

    Do not move to chapter 7 before edge cases and access scope are confirmed for this step.

    • Relying on prompt text as sole security control.
    • Skipping audit/log validation for this chapter.
    • Promoting to production without rollback path.

Go-live Checklist

  • Sensitive permissions are tested with a non-admin account.
  • Critical business flows are verified end-to-end.
  • Error messages are understandable and actionable.
  • An incident runbook exists for this domain.

Success Criteria

  • Faster onboarding for a new team.
  • No critical action depends on implicit tribal knowledge.
  • Support can diagnose an incident in under 15 minutes.