Local key custody
Secrets are stored in your OS keychain and encrypted at rest on your device — never uploaded.
This is how you put AI to work in the business without a rogue AI decision ever slipping through: WorkflowHub can do a lot of work without ever being able to do the one thing you didn’t approve — or see a secret it shouldn’t. Every step is tracked.
The AI does everything up to an external side-effect. Then a human approves. Nothing that leaves your walls — an email, a payment, a post, a write to another system — fires without a recorded human decision.
Credentials live on your machine, encrypted at rest. External work runs on the local agent. Our control plane orchestrates work items — it never sees your plaintext secrets. That’s a guarantee centralized BPM and iPaaS architecturally can’t make.
Secrets are stored in your OS keychain and encrypted at rest on your device — never uploaded.
Anything touching an external system runs on the agent, from your network — not a shared cloud.
Because plaintext never centralizes, the model fits PHI and other regulated data by design.
The desktop agent is open-source and auditable. Read it, build it, run it. Trust comes from inspection, not from a marketing page.
Every AI step and every human approval is recorded. Reconstruct exactly who approved what, and what the AI did up to that point.
Multi-tenant organizations keep each team’s data separate, with role-based access controls and scoped caller identity.
Zero-knowledge by default; on Enterprise, admin-recoverable secrets provide continuity without handing plaintext to the cloud.
Human approval on every external action, zero-knowledge secrets, and an open-source client you can read line by line.