AI Transparency

Every AI system, on the record.

No shadow AI, no black box. Each system below is one guarded path: it reads only your own data, removes personal details before any model sees it, lands on a record you can check, and — where it can change anything — waits for a person.

AI systems

every one

Personal details removed first

every call

On a record you can check

5 of 7

Can't act without a human

Mapped to the NIST AI Risk Management Framework

The four RMF functions — Govern, Map, Measure, Manage — backed by controls already enforced in the platform, not aspirations.

Govern

Capability gateway authorizes + rate-limits every AI-triggered write
Human-ratify enforced in the database (verification.ratify / .publish), not a toggle
Per-tenant tamper-evident hash-chained audit of every AI call

Map

This registry documents each AI system: purpose, data accessed, model tier, human-in-loop
Every AI caller is one of the seven broker-routed systems — no shadow AI

Measure

agent_decisions logs confidence + human override on agent outputs (calibration)
Offline golden-set parser eval gates model changes
Per-tenant + platform spend ledger meters every call

Manage

PII redacted before any prompt leaves the tenant boundary (broker)
Spend caps + circuit-breaker soft-halt before overspend
Capability revocation invalidates access within seconds
Ground-or-abstain: assistants answer only from RLS-scoped tenant data

The model cards

One card per AI system. Every one removes personal details before the model and lands on a record you can check — the badge shows the human approval it can't act without.

Grant discovery agent

sonnet

Scouts funding opportunities and proposes new prospects for the pipeline.

Reads: The tenant's funding profile and existing pipeline.
Guardrail: Proposals land UNVERIFIED; advance only after a human ratifies (verification.ratify).

Human approvesdetails scrubbedon the record

Funder-fit scoring

sonnet

Rates a prospect 0–100 against the tenant profile, with a written rationale.

Reads: The prospect and the tenant's funding profile.
Guardrail: Advisory only — surfaces a score + rationale; the human decides. Writes no stage change.

Advisory onlydetails scrubbedon the record

Application drafter

opus

Drafts a grant application from the prospect and the org's own record.

Reads: The prospect, its documents, and prior drafts (the tenant’s history).
Guardrail: Produces a draft in "proposed" state; a human must finalize it (verification.publish).

Human publishesdetails scrubbedon the record

Funder-report drafter

opus

Drafts a post-award funder report under the same proposed→final discipline as drafts.

Reads: The grant, its outcomes, and reporting context.
Guardrail: Draft is "proposed"; a human publishes it (verification.publish). Never auto-sent.

Human publishesdetails scrubbedon the record

Grant co-pilot

sonnet

Conversational help over the grant pipeline; can propose pipeline changes.

Reads: The pipeline grounding snapshot (RLS-scoped).
Guardrail: Answers ONLY from the snapshot (abstains otherwise); writes only a human-confirmed proposal.

Proposes → you confirmdetails scrubbedon the record

Ask WeShield (cross-app assistant)

sonnet

Grounded assistant across every app; can propose the same whitelisted writes as the co-pilot.

Reads: A cross-app grounding snapshot composed from each app, RLS-scoped to the tenant.
Guardrail: Answers ONLY from the snapshot (abstains otherwise); writes only a human-confirmed proposal.

Proposes → you confirmdetails scrubbedon the record

Resource explainer / localizer

sonnet

Explains and localizes a civic resource to the tenant in plain language.

Reads: The selected resource.
Guardrail: Advisory; persists a summary only on the tenant’s own (non-shared) resource rows.

Advisory onlydetails scrubbedon the record

The model provider is disclosed on our sub-processor list. More on how it’s built: Security & Trust.