L2 · USER INTERACTIONKinHelm product

KinHelm Personal Assistant

The governed agent for everyday work. It is how employees interact with AI across the organization, and the proof that a useful agent and an enforced policy boundary are the same system.

The problem

Standard AI assistants see too much and answer to no one.

The assistant model most vendors ship breaks the permission system your organization spent years building.

Flaw 01 · Vendor-account vision

It sees what the service sees, not what the user should.

Assistants wired to a shared service account read everything that account can reach. A junior analyst asking a question can surface documents their own login would never open.

What it costs youCompartmentalization collapses. Classification and need-to-know are undone by a chat window.
Flaw 02 · Author-privilege inheritance

Built by an admin, run by an intern, executed as the admin.

Shared workflows in most platforms run with the permissions of whoever built them. Users silently borrow their author's access every time they click run.

What it costs youPrivilege escalation as a product feature, invisible to your IAM tooling and your access reviews.
Flaw 03 · Read means write

One grant unlocks every action.

Integrations are typically granted whole. An assistant allowed to search your ticket system can usually also create, edit, and delete in it, because nothing distinguishes the actions.

What it costs youEvery convenience integration becomes an unreviewed change pathway into systems of record.
What you get

Three outcomes. Here is how the Assistant delivers them.

Outcome 01

Faster compliance

How the Assistant delivers itEvery action is attributed to a named user and logged as people work, so the audit trail builds itself.
Outcome 02

Complete visibility

How the Assistant delivers itEvery prompt, response, and tool invocation, successful or failed, captured and exportable to Splunk or Datadog.
Outcome 03

Automated management

How the Assistant delivers itPolicy checks run before every tool call with no manual review required; boundaries hold at the tool-action level.
Design principle

The user's identity. The user's boundaries. Every time.

No override. No workaround. There is no prompt that makes the Assistant skip policy enforcement. The governance layer is not a feature it opts into; it is the execution path.
Identity

Inherits the user, not itself

The Assistant operates with the user's credentials, permissions, and access boundaries. It sees nothing the user cannot see, and every action is logged under their name.

Policy

Checks before every tool call

Before reading a file or creating a ticket, the platform verifies the user's role and group have access to that integration and that specific action.

Privilege

No silent escalation

Shared workflows run with the current user's permissions, never the author's. The runtime prevents agents from inheriting broader credentials.

Data

DLP on the model boundary

Outbound requests pass through data loss prevention. A pasted API key or SSN is redacted before it leaves the organizational boundary.

Isolation

Undiscoverable, not just restricted

Integrations a group has not been granted are invisible. The Assistant cannot surface tools or data sources outside the user's scope.

Models

Admin-controlled model access

The Assistant does not pick models freely. Administrators decide which providers and models are approved, per organization and per group.

Audit

Auditable to the tool call

Every prompt, response, and tool invocation, successful or failed, is captured and exportable to Splunk or Datadog via syslog.

Actions

Read vs write, per tool

Teams can hold read-only access to a system (search and view) while create, update, and delete stay blocked. Boundaries hold at the tool-action level.

In production

Everyday workloads

Email summarization, ticket triage, document search, and reporting, all inside the governed execution path, all fully auditable.

Next step

Put a governed assistant in front of your pilot teams.

Phase 3 of deployment enables governed agents for pilot groups in two to four weeks.