# Documents and artifacts reference

How Trinity handles uploaded documents, quarantined source material, generated docs, graphs, previews, downloads, and proof links.

Status: implemented
Version: latest
Review: source-backed

## Document role

Project documents let operators upload source material such as outreach templates, sales notes, strategy docs, attachments, and customer-supplied references. Uploaded material should be useful to Hermes without becoming an automatic prompt-injection path.

| Object | State | Runtime access |
| --- | --- | --- |
| Uploaded document | Quarantined by default | Metadata and source ref only |
| Reviewed document | Released by a human | Bounded content or source summary |
| Email attachment | Metadata/hash first | Body requires preview/release |
| Generated artifact | Produced by Trinity/Hermes/tooling | Preview/download behind project access |
| Proof export | Generated from ledger/proof packet | Redacted and source-linked |

## Generated artifacts

Trinity can create documents, outreach packs, CSVs, graphs, proof exports, and other downloadable outputs. A good artifact is not just a file: it should carry source refs, model decisions, approvals, ToolCalls, CRM links, and ledger proof where applicable.

| Artifact type | Example use | Required proof |
| --- | --- | --- |
| Outreach pack | First email draft, follow-up variants, lead notes | Draft source, safety review, approval status |
| Acquisition snapshot | Paid deliverable summary | Order, RevenueEvent, CRM, ModelDecision, artifact record |
| Graph/diagram | Pipeline, run flow, account map | Source data refs and generated artifact hash |
| CSV/export | Lead list or activity summary | CRM source refs and redaction status |
| Proof packet | Shareable operational evidence | Ledger, audit, tool, model, approval refs |

## Storage and preview rules

Downloads and previews should remain account/project-scoped. Preview routes should show readable content only after the document or artifact is released for that project. Storage providers such as Tigris/S3-compatible buckets can hold objects, but authorization and release state remain in Trinity.

## Related pages

- [Security and governance](/docs/security-governance)
- [Data Flow](/docs/data-flow)
- [Technology stack reference](/docs/reference/tech-stack)


Source paths:
- `lib/autonomous_agency/agency/project_document.ex`
- `lib/autonomous_agency/agency/project_artifact.ex`
- `lib/autonomous_agency/security/content_firewall.ex`
- `lib/autonomous_agency/governance/proof_packet.ex`
- `lib/autonomous_agency/integrations/secret_stores/local_file.ex`
- `lib/autonomous_agency/integrations/secret_stores/encrypted_db.ex`