Operating Rules & System Boundaries

System Rulebook

The system rulebook defines the core operating mechanics of AI Employees — including their scope of action, supported modes of operation, how write actions execute, how integrations work, and how everything is tracked.

Scope

AI Employees can only access data within the workspace where they're running. However, this rule only applies to Motion triggers (like "when a new task is created" or "when a project status changes").

For other trigger types (like Gmail, Outlook, Salesforce, or scheduled triggers), the scope rule doesn't apply the same way. These triggers can act based on the context user's permissions across different systems.

Example: If you set up a skill with a Motion trigger to "update tasks in Project A," the skill can only see and update tasks in Project A. But if you set up a skill with a Gmail trigger to "create a task when an email arrives," the skill can create tasks based on what you have access to, regardless of which workspace the email came from.

Modes of Operation

AI Employees can run in two different modes:

• Manual mode: You explicitly click "Run Skill" to start the skill. The skill runs immediately under your permissions.

• Autonomous mode: The skill runs automatically based on a trigger you set up (like a schedule or an event). The skill runs under the permissions of the person who set up the trigger.

Write Actions

Write actions are when the AI Employee creates, edits, or deletes something (like creating a task, updating a project, or sending an email).

In manual mode:

• The AI Employee shows you what it's about to do

• You approve the action before it happens

• If you don't approve, the action doesn't run

In autonomous mode:

• The AI Employee does NOT ask for approval each time it runs

• Instead, you approve what the skill will do when you set it up

• Once the skill is configured and running, it performs the approved actions automatically

Example: You set up a skill to automatically update CRM records after sales meetings. You approve this once during setup. Every time a sales meeting ends, the skill automatically updates the CRM without asking for approval again.

Integrations & Third-Party Blocks

AI Employees connect to external services (like Gmail, Slack, or Salesforce) through integrations. Here's how they work:

• Integrations are managed at the account level, not the workspace level

• When you connect an external service, you can share that connection with:

• Just yourself (private)

• Specific team members

• Specific workspaces

• Specific AI Employees

• Your entire team

• The AI Employee can only use connections that have been shared with it

• If a connection is not shared with the AI Employee, the skill will fail when it tries to use that service

When a skill uses a third-party service (like sending a Slack message or updating a Salesforce record), the skill runs through the configured connection for that service. The connection is what gives the skill permission to act. If the connection doesn't have the right permissions, the action will fail.

Example: You set up a skill to send Slack messages. The skill uses the Slack connection you configured. If that Slack connection doesn't have permission to post in a certain channel, the skill cannot post there.

Auditability

All actions that AI Employees take are logged. This includes:

• What action was performed

• When it happened

• Which user's context it ran under

• Which workspace it occurred in

• Whether it succeeded or failed

• Any error messages if something went wrong

You can view this log to understand what the AI Employee did and troubleshoot any issues.