# Data Flow

End-to-end demo flow from chat through Jido policy, approval, execution, and proof.

Status: implemented
Version: latest
Review: source-backed

## End-to-end path

The target production loop is agent-assisted, revenue-aware, and human-controlled:

1. User asks Trinity to pursue an acquisition or outreach goal in project chat.
2. Phoenix stores the message and builds a source-backed Hermes task package.
3. Jido-backed content firewall checks payload provenance and quarantined refs.
4. Oban submits approved runtime work to hosted Hermes.
5. Hermes returns a plan, draft, artifact request, or action intent.
6. High-risk action intents become ApprovalRequests.
7. A human reviews drafts, source docs, safety proof, and action details.
8. ToolRouter executes approved side effects with idempotency keys.
9. Stripe, Gmail, NVIDIA, Hermes, CRM, and artifact outputs write durable records.
10. Ledger, audit, run timeline, and proof packets show what happened.

## Demo flow table

| Stage | Input | Gate | Output |
| --- | --- | --- | --- |
| Request | Public form, project chat, CRM lead, or paid order | Auth, honeypot/domain checks, account scope | Contact, deal, order intake, or chat message |
| Context build | Project state, CRM records, released docs, proof refs | Tenant scope and content release state | Hermes task package |
| Policy | Task package and source refs | Jido-backed content firewall | Allowed runtime payload or blocked decision |
| Runtime | Approved metadata and released content | Hermes runtime auth and profile scope | Plan, draft, skill candidate, artifact request, or action intent |
| Model review | Drafts, leads, deliverables, high-risk copy | NVIDIA route and schema validation | ModelDecision |
| Review | Draft/action intent/evidence | Human approval and role check | Approved or rejected request |
| Execution | Approved action payload | ToolRouter policy, readiness, idempotency | Provider result or policy denial |
| Proof | Tool/model/revenue/audit rows | Redaction and source linking | Ledger entry, proof packet, downloadable artifact |

## Business proof chain

| Business object | Created by | Linked evidence |
| --- | --- | --- |
| Lead/contact | Snapshot request form, CRM import, or Hermes-assisted research | Source event, company/contact details, activity |
| Deal | CRM context or paid Stripe event | Contact/company, stage, amount, order |
| Order | Stripe checkout/webhook flow | Checkout session, webhook event, customer |
| RevenueEvent | Idempotent Stripe processing | Order, deal, ledger |
| AcquisitionRun | Paid order intake or approved operator goal | RunEvents, Hermes session, approvals |
| Draft/reply | Hermes and Gmail adapter path | ModelDecision, ApprovalEvent, ToolCall |
| Artifact | Document/artifact generator | Source refs, approvals, model proof, download/preview path |
| Ledger entry | Revenue, tool, model, approval, audit records | Full proof packet |

## Agent work packets

| Packet field | Source | Reason |
| --- | --- | --- |
| Goal and constraints | User chat, order intake, project settings | Tells Hermes what outcome to pursue |
| Account/project scope | Membership and project records | Prevents cross-tenant data access |
| Released source refs | Document/email/artifact release state | Blocks indirect prompt injection |
| Provider readiness | Integration catalog and secret status | Prevents actions when provider is missing |
| Skill scope | Project/account/global-core skill records | Reuses learned work without global leakage |
| Approval state | ApprovalRequest and ApprovalEvent records | Keeps agent intent separate from human authority |
| Proof refs | ToolCall, ModelDecision, AuditEvent, RevenueEvent | Gives the agent evidence without exposing secrets |

## Generated docs and artifacts

Trinity can create downloadable documents, outreach packs, CSVs, Mermaid-style graphs, proof exports, and generated summaries as project artifacts. Generated artifacts should link back to source documents, chat messages, model decisions, approvals, ToolCalls, CRM records, order/revenue records, and ledger proof where available.

Artifact links should support two outcomes: a direct download for files and a preview route for readable documents or graphs. The preview should never bypass content release or account/project authorization.

## Primary source links

- [Architecture](/docs/architecture)
- [Hermes Integration](/docs/hermes)
- [Jido Policy Firewall](/docs/jido)
- [Security and governance](/docs/security-governance)
- [Hermes Agent docs](https://hermes-agent.nousresearch.com/docs/)
- [Phoenix LiveView](https://hexdocs.pm/phoenix_live_view/Phoenix.LiveView.html)
- [Oban workers and retries](https://hexdocs.pm/oban/Oban.Worker.html)
- [PostgreSQL documentation](https://www.postgresql.org/docs/)


Source paths:
- `lib/autonomous_agency_web/live/project_live/show.ex`
- `lib/autonomous_agency/hermes/project_context.ex`
- `lib/autonomous_agency/tools/tool_router.ex`
- `lib/autonomous_agency/approvals.ex`
- `lib/autonomous_agency/governance/proof_packet.ex`
- `lib/autonomous_agency/agency/project_artifact.ex`
- `lib/autonomous_agency/tools/gmail_adapter.ex`