Trust and Governance

The governance model gives you confidence that AI is acting within defined boundaries at every stage. Human checkpoints sit where the framework places them. The system routes and records. People decide.

Human Checkpoints

Every Gate Has a Human Decision

Checkpoint: Capability Intake
  Where in the lifecycle: Before any skill enters the pipeline
  Who decides: Brain Owner
  The decision: Is this capability appropriate? What is its risk level? Does it need a formal specification before build?

Checkpoint: Security Review
  Where in the lifecycle: Before any skill leaves quarantine
  Who decides: Technical Custodian
  The decision: Does this skill pass the 8-point security scan? Is the risk rating acceptable? Are all findings resolved?

Checkpoint: Sandbox Sign-off
  Where in the lifecycle: Before any skill goes to production
  Who decides: Acceptance Tester and Technical Custodian
  The decision: Does the skill behave as specified in the capability spec? Are acceptance criteria met?

Checkpoint: Council Approval
  Where in the lifecycle: Before any skill is distributed to child brains
  Who decides: Governance Council (two members for High or Critical skills)
  The decision: Is this skill approved for use across the brain network? Is the risk rating accepted?

Checkpoint: Content Review
  Where in the lifecycle: When any file reaches its expiry date
  Who decides: Content owner named in the file's frontmatter
  The decision: Is this content still accurate? Re-date with a new expiry or retire the file?

Grounding Principles
Closed-World Assumption
The system does not use general training knowledge to fill gaps in the organisation's knowledge base. For any fact about the organisation, it cites the source file or flags the gap. "I don't know" is the correct answer when the knowledge base has no source for the information. Knowledge gaps are logged in a register for the owner to address.
Mandatory Source Citation
Every factual claim about the organisation includes a citation to the source file path, immediately after the claim. No citation means the claim is flagged as unverified. This makes it possible to audit any answer, trace it to its source and check whether that source is still current.
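The citation rule above and the Content Review checkpoint (files that reach the expiry date in their frontmatter) both reduce to checks that can be run mechanically. The following is an added example, not code from the page or from Master Brain. It assumes a citation syntax of "[source: <path>]" placed directly after the claim, represents the frontmatter expiry dates as a constructed dictionary, and splits an answer into claims one sentence at a time. Each claim is classed as verified, unverified (no citation), unknown-source (cited path is not in the knowledge base) or stale (source past its expiry), and unbacked claims are collected for the gap register.

```python
import re
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional

# Constructed knowledge-base index: file path -> expiry date taken from that
# file's frontmatter. A real deployment would build this by scanning the
# repository; the paths and dates here are illustrative only.
KB_INDEX: Dict[str, date] = {
    "knowledge/policies/leave.md": date(2026, 6, 30),
    "knowledge/decisions/2024-03-cloud-provider.md": date(2024, 12, 31),
    "knowledge/tools/ticketing.md": date(2025, 1, 15),
}

# Assumed citation syntax: "[source: <path>]" placed directly after the claim.
CITATION_RE = re.compile(r"\s*\[source:\s*([^\]]+)\]")


@dataclass
class ClaimStatus:
    claim: str
    source: Optional[str]
    status: str  # "verified", "unverified", "unknown-source" or "stale"


def split_claims(answer: str) -> List[str]:
    """Naive sentence split: each sentence is treated as one claim."""
    return [s for s in re.split(r"(?<=[.!?])\s+", answer.strip()) if s]


def audit_answer(answer: str, kb_index: Dict[str, date], today: date) -> List[ClaimStatus]:
    """Apply the closed-world rule to an answer: a claim without a citation is
    unverified, a citation to a path outside the knowledge base is an unknown
    source, and a citation to a file past its expiry date is stale."""
    results: List[ClaimStatus] = []
    for sentence in split_claims(answer):
        match = CITATION_RE.search(sentence)
        claim = CITATION_RE.sub("", sentence).strip()
        if match is None:
            results.append(ClaimStatus(claim, None, "unverified"))
            continue
        path = match.group(1).strip()
        expiry = kb_index.get(path)
        if expiry is None:
            status = "unknown-source"
        elif expiry < today:
            status = "stale"
        else:
            status = "verified"
        results.append(ClaimStatus(claim, path, status))
    return results


def gap_register(results: List[ClaimStatus]) -> List[str]:
    """Claims the knowledge base cannot currently back; these go to the owner."""
    return [r.claim for r in results if r.status != "verified"]


def files_due_for_review(kb_index: Dict[str, date], today: date) -> List[str]:
    """Content Review checkpoint: files whose frontmatter expiry has arrived."""
    return sorted(path for path, expiry in kb_index.items() if expiry <= today)


# Constructed sample answer mixing cited, uncited and stale claims.
SAMPLE_ANSWER = (
    "Staff accrue 20 days of annual leave [source: knowledge/policies/leave.md]. "
    "We standardised on one cloud provider in 2024 "
    "[source: knowledge/decisions/2024-03-cloud-provider.md]. "
    "The onboarding checklist was updated last week. "
    "Contractors use the vendor portal [source: knowledge/vendors/portal.md]."
)

if __name__ == "__main__":
    today = date(2025, 3, 1)
    for r in audit_answer(SAMPLE_ANSWER, KB_INDEX, today):
        print(f"{r.status:15} {r.claim}  <- {r.source}")
    print("gap register:", gap_register(audit_answer(SAMPLE_ANSWER, KB_INDEX, today)))
    print("due for review:", files_due_for_review(KB_INDEX, today))
```

Run on the constructed answer with a review date of 2025-03-01, the four claims come back as verified, stale, unverified and unknown-source respectively, and the two files whose expiry has passed are listed for their content owners. The sentence splitter is deliberately simple; a production checker would want the retrieval layer to emit claims and citations as structured fields rather than recover them from prose.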
Read Before Asserting
The system never states a fact about the organisation without reading it from the knowledge base first or asking. This rule is encoded in the base operating instructions and applies in every session, regardless of what the AI model believes from training.
Decisions Already Made
Before recommending an approach, the system checks the decisions log. It does not relitigate what has already been decided by the organisation. The decisions log is a first-class knowledge source, not an afterthought.
Two-Axis Access Model
The access model has two independent axes. Content tier governs what the retrieval layer returns. Platform role governs what infrastructure actions a person can perform. The two axes are assigned independently and do not influence each other.
Content Tiers (Retrieval Access)

1. Owner: Unrestricted. All content including owner-only notes and restricted files.
2. Executive: Board, equity holders. Excludes owner-only personal material.
3. Lead: Practice leads, senior managers. Excludes financial models, HR, vendor contracts and exec strategy.
4. Staff: General team members. Operational knowledge, processes, tools and client-facing content.
5. External: Contractors and limited collaborators. Only content explicitly tagged as public.

Platform Roles (Infrastructure Access)

A. Administrator: Brain configuration, pull request approval, access management. Full infrastructure rights.
C. Technical Custodian: Skill submission, pipeline participation, quarantine write access. Builds and reviews skills.
U. User: Assistant queries only. No infrastructure access. Content access governed by tier assignment only.

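The two axes are easiest to see when the same person is evaluated on both. The example below is added here and is not code from the page or from Master Brain. It assumes the content tiers nest (a reader at tier n sees everything that tier n and every higher-numbered tier may see, which matches the exclusions listed above), that each document's frontmatter names the widest tier allowed to read it, and it uses constructed action names for the infrastructure operations the page lists under each role. The retrieval check consults only the tier and the action check consults only the role, so a contractor holding the Administrator role can manage access without retrieving anything beyond public content.

```python
from dataclasses import dataclass
from enum import Enum, IntEnum
from typing import Dict, FrozenSet, List


class Tier(IntEnum):
    """Content tiers. Assumed to nest: a lower number reads everything a
    higher number reads, plus more."""
    OWNER = 1
    EXECUTIVE = 2
    LEAD = 3
    STAFF = 4
    EXTERNAL = 5


class Role(Enum):
    """Platform roles; the letter values are the labels used on the page."""
    ADMINISTRATOR = "A"
    TECHNICAL_CUSTODIAN = "C"
    USER = "U"


@dataclass(frozen=True)
class Document:
    path: str
    audience: Tier  # widest tier allowed to read this file (EXTERNAL = tagged public)


@dataclass(frozen=True)
class Principal:
    name: str
    tier: Tier  # content axis
    role: Role  # platform axis


# Constructed action names grouped by role. Administrator holds full
# infrastructure rights, so it includes the custodian's actions too.
ROLE_ACTIONS: Dict[Role, FrozenSet[str]] = {
    Role.USER: frozenset({"query_assistant"}),
    Role.TECHNICAL_CUSTODIAN: frozenset(
        {"query_assistant", "submit_skill", "review_skill", "write_quarantine"}
    ),
    Role.ADMINISTRATOR: frozenset(
        {"query_assistant", "submit_skill", "review_skill", "write_quarantine",
         "configure_brain", "approve_pull_request", "manage_access"}
    ),
}


def can_read(principal: Principal, doc: Document) -> bool:
    """Retrieval decision: depends on the content tier only."""
    return principal.tier <= doc.audience


def retrieve(principal: Principal, corpus: List[Document]) -> List[str]:
    """What the retrieval layer is allowed to return for this principal."""
    return [d.path for d in corpus if can_read(principal, d)]


def can_perform(principal: Principal, action: str) -> bool:
    """Infrastructure decision: depends on the platform role only."""
    return action in ROLE_ACTIONS[principal.role]


# Constructed corpus; the audience of each file is what its frontmatter would carry.
CORPUS = [
    Document("owner/private-notes.md", Tier.OWNER),
    Document("finance/forecast-model.md", Tier.EXECUTIVE),
    Document("hr/salary-bands.md", Tier.EXECUTIVE),
    Document("practice/delivery-playbook.md", Tier.LEAD),
    Document("ops/onboarding-checklist.md", Tier.STAFF),
    Document("public/company-overview.md", Tier.EXTERNAL),
]

# Constructed principals chosen to show that the axes do not influence each other.
CONTRACTOR_ADMIN = Principal("contracted platform engineer", Tier.EXTERNAL, Role.ADMINISTRATOR)
STAFF_CUSTODIAN = Principal("staff skill builder", Tier.STAFF, Role.TECHNICAL_CUSTODIAN)
EXEC_USER = Principal("board member", Tier.EXECUTIVE, Role.USER)

if __name__ == "__main__":
    for p in (CONTRACTOR_ADMIN, STAFF_CUSTODIAN, EXEC_USER):
        print(p.name)
        print("  retrieves:", retrieve(p, CORPUS))
        print("  manage_access:", can_perform(p, "manage_access"),
              " submit_skill:", can_perform(p, "submit_skill"))
```

The contractor with Administrator rights retrieves only the public overview, the staff custodian can submit skills but cannot approve pull requests, and the board member reads everything except owner-only notes yet cannot touch infrastructure at all. Keeping the two checks in separate functions with disjoint inputs is what makes the independence auditable.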
Policy Categories

Every brain deployment requires policies across five categories. Master Brain provides a neutral policy template for each. The deploying organisation completes the policy with their specific obligations, exceptions and approval authorities.

1. Acceptable Use
2. Data Classification
3. Skill Ingestion
4. Access Control
5. Audit and Review

See the Compliance Alignment

NIST AI RMF, ISO 42001, ISO 27001, the Australian Privacy Act and FAIRA: what each requires and how the architecture satisfies it.