01
Citations on every claim
Context returned by Repo carries the exact messages, files, and folders it was built from. Nothing is generated. Only retrieved, ranked, and shaped.
evidence · default
Trust
Memory you can defend to legal, security, and your board.
Every answer is a receipt. Every key is a contract. Every retrieval is in the ledger. Repo is built so the answer to “why did the agent say that?” is one query away.
01 · How it's built
Trust by construction.
Six primitives, all live today. None of them are opt-in add-ons or future roadmap items — they are how the system works in private beta.
02
Freshness, not staleness
Every memory node carries source, ingestion, and last-sync timestamps. The Context Contract reports per-result age so agents can refuse stale answers.
freshness · iso8601
03
Scoped agent keys
Each agent gets its own key, bound to allowed actions (search, context, ask, ingest, admin) and allowed providers. No key can ask outside its contract.
repo_… · least-privilege
04
Access mirrors your source
Repo preserves Google Drive sharing metadata, Slack channel basis, and provider scope. Drive source items missing access-policy metadata are excluded from retrieval at the SQL layer.
ACL · pass-through
05
Audit trail · metadata only
Every /v1/context call writes an audit event keyed by request id with actor, scope, evidence ids, freshness, and limitations. Snippet text is never persisted to the trail.
audit_events · WORM
06
Per-key rate limits
Atomic per-key, per-action rate windows in Postgres. Over-budget calls return 429 with Retry-After and never reach retrieval or audit.
api_rate_limit_windows
02 · The Context Contract
The single document that explains an answer.
Every /v1/context response carries a versioned envelope: who asked, what scope was applied, how retrieval ran, what evidence was returned, what was excluded, and what limitations the caller should honor.
Self-identifying response
Agents, SDKs, and logs see a stable shape from day one. Future versions will live behind the same name with explicit version negotiation.
contract.name = repo.context · version = v1
Who asked
The authenticating key identity, captured server-side. Audit events use actorApiKeyId for agent calls and actorUserId for console writes.
actor.apiKeyId · actor.name · actor.type
What was filtered
If the key was scoped to a subset of providers, the contract names which providers were filtered out and why each was excluded.
access.providerFilterApplied · access.exclusions
How fresh each result is
Per-evidence freshness with the basis (source timestamp, ingest timestamp, last sync) so the agent can apply its own staleness threshold.
evidence.freshness.sourceAgeHours · syncAgeHours
What was incomplete
If memory was empty, scope was applied, or sources were missing freshness or access-policy metadata, the contract reports it explicitly.
limitations.no_context · provider_scope_applied · missing_*
Traceable forever
Every contract response writes an audit event keyed by the same requestId carried in the contract header. The two are stitched without any client-side wiring.
audit_events.target_id = contract.requestId
03 · Audit ledger
Append-only. Metadata only.
The ledger is the company's contract with its own AI. Sample rows from a live workspace below — actors, actions, evidence counts, and status codes; never the snippet text itself.
04 · Where we are
Honest about today, deliberate about tomorrow.
Repo is in private beta. The primitives below are live; the items in roadmap are flagged so you know what to expect, not surprised by a missing answer.
Slack & Drive connectors
OAuth, channel allowlists, per-account identity, refresh tokens, paginated sync, deduplication. Drive sources without preserved access policy are excluded from retrieval at the SQL layer.
live · today
Context Contract v1
Source-backed responses with actor, access, retrieval, evidence, citations, and limitations. Per-evidence freshness on every result.
live · today
Audit + rate limits
Metadata-only audit on every retrieval and admin write. Atomic per-key, per-action rate windows enforced in Postgres.
live · today
Source-level ACL enforcement
Today Drive carries preserved permission metadata as accessPolicy on every result; per-user ACL enforcement at retrieval time is queued for v2 of the contract.
roadmap
Team access
Today v1 ships single-owner per workspace. Email invites, multi-role memberships, and SSO/SCIM are in the post-launch backlog.
roadmap
More connectors
Linear, Confluence next. Same access policy posture: provider scope, channel/folder basis, freshness on every result.
roadmap
Security review
Bring your security team
into the demo.
We'll walk through the Context Contract, the audit trail, scoped keys, and the connector permission model with the people who'll have to sign off on the rollout.