KinHelm Personal Assistant
The governed agent for everyday work. It is how employees interact with AI across the organization, and the proof that a useful agent and an enforced policy boundary are the same system.
Standard AI assistants see too much and answer to no one.
The assistant model most vendors ship breaks the permission system your organization spent years building.
It sees what the service sees, not what the user should.
Assistants wired to a shared service account read everything that account can reach. A junior analyst asking a question can surface documents their own login would never open.
Built by an admin, run by an intern, executed as the admin.
Shared workflows in most platforms run with the permissions of whoever built them. Users silently borrow their author's access every time they click run.
One grant unlocks every action.
Integrations are typically granted whole. An assistant allowed to search your ticket system can usually also create, edit, and delete in it, because nothing distinguishes the actions.
Three outcomes. Here is how the Assistant delivers them.
Faster compliance
Complete visibility
Automated management
The user's identity. The user's boundaries. Every time.
Inherits the user, not itself
The Assistant operates with the user's credentials, permissions, and access boundaries. It sees nothing the user cannot see, and every action is logged under their name.
Checks before every tool call
Before reading a file or creating a ticket, the platform verifies the user's role and group have access to that integration and that specific action.
No silent escalation
Shared workflows run with the current user's permissions, never the author's. The runtime prevents agents from inheriting broader credentials.
DLP on the model boundary
Outbound requests pass through data loss prevention. A pasted API key or SSN is redacted before it leaves the organizational boundary.
Undiscoverable, not just restricted
Integrations a group has not been granted are invisible. The Assistant cannot surface tools or data sources outside the user's scope.
Admin-controlled model access
The Assistant does not pick models freely. Administrators decide which providers and models are approved, per organization and per group.
Auditable to the tool call
Every prompt, response, and tool invocation, successful or failed, is captured and exportable to Splunk or Datadog via syslog.
Read vs write, per tool
Teams can hold read-only access to a system (search and view) while create, update, and delete stay blocked. Boundaries hold at the tool-action level.
Everyday workloads
Email summarization, ticket triage, document search, and reporting, all inside the governed execution path, all fully auditable.
Put a governed assistant in front of your pilot teams.
Phase 3 of deployment enables governed agents for pilot groups in two to four weeks.