Rules & Governance
Rules & Governance
Context rules → Clarify whose context an AI Employee runs under.
System rulebook → Permissions, scope, and operating modes.
Limitations → Boundaries and unsupported scenarios.
Context Rules
AI Employees act within a specific context when performing actions. Context determines whose permissions, data access, and integrations are applied.
Team-level execution
AI Employees run as team-level users, not as individuals. Their actions follow workspace-wide RBAC (role-based access control).
User-triggered context
When a user prompts an AI Employee in chat or assigns it a task, the action runs under the workspace’s permissions — not the individual user’s personal context.
Integration context
For third-party apps (e.g., Google Calendar, Slack), AI Employees use the configured connection associated with the workspace or skill. They do not access personal user accounts unless explicitly linked.
Approval context
Write operations (e.g., editing, creating, deleting) respect workspace-level permissions. If an action exceeds allowed scope, it is blocked or requires admin approval.
Scope inheritance
When running inside a project, task, or doc, the AI Employee inherits that object’s visibility and permissions. It cannot act outside the scope of the container unless separately authorized.
System Rulebook
The system rulebook defines the operating boundaries of AI Employees — including their permissions, scope of action, and supported modes of operation.
Permissions
AI Employees follow workspace RBAC (role-based access control) just like human users. Their access level (Viewer, Editor, Admin) determines what actions they can perform.
Scope
AI Employees can only act within the workspace and projects they are added to. They cannot cross into other workspaces unless explicitly shared.
Modes of operation
Manual mode: Triggered directly by user input (chat or task assignment).
Autonomous mode: Runs skills automatically on conditions or schedules.
Approvals
Sensitive or write operations always require explicit approval, either in chat or during skill execution.
Integration behavior
When connected to third-party services, AI Employees act only through the configured workspace connection.
Auditability
All actions are logged in workspace activity or chat history, including approvals, declines, and errors.
Limitations
AI Employees have defined boundaries that limit what they can do inside and outside of Motion.
Permissions
AI Employees cannot bypass workspace RBAC. If a human user role cannot perform an action, the AI Employee cannot either.
Connections
They cannot access external services without an authenticated workspace-level integration. Missing or revoked connections cause dependent skills to fail.
Context
AI Employees act under workspace context only — they cannot act under an individual user’s private data or personal accounts.
Data formats
Images, audio, video, and binary file contents are not processed. Only metadata is referenced.
Block syncing
No support for syncing blocks across multiple docs or projects. Copies are independent.
Autonomous scope
Autonomous skills are limited to the triggers and permissions configured. They do not run outside the defined scope.
Publishing
AI Employees cannot publish Docs or share external links without explicit approval.
Last updated
Was this helpful?