01 / 04
Cost visibility
Per-skill cost attribution at account, workspace, project, and skill level. Every execution tracked. Real-time budget enforcement, no end-of-month surprises.
For enterprise
Govern AI at scale without becoming the bottleneck.
Personal agent tools have proven the value. They cannot be deployed to your teams without a governed infrastructure layer. xFlo is that layer.
The enterprise tension
You cannot govern what you cannot see.
Personal agent tools work. Individuals are using them on personal API keys, outside any governance framework. The productivity gains are real. The risk is invisible.
No cost visibility. No audit trail. No access management. Enterprise platforms exist but require six-month implementations and force every use case through a central team. The people building AI in the business are stuck between tools that are ungoverned and platforms that are inaccessible.
Executive overviewNo data
Spend this month—
Active agents—
Users with AI access—
Actions logged today—
Compliance violations—
When agents run outside your platform, this is your dashboard
Control, visibility, and trust. By design.
Four control surfaces that keep agent activity governed without slowing teams down.
02 / 04
Access control
Role-level access across Account, Workspace, and Project. Workspace isolation per team. Per-user OAuth means correct credentials and correct permissions on every execution.
03 / 04
Audit trail
Immutable event store. Every agent action, output, approval, and rejection recorded. Version control at every cascade level with full diff and one-click rollback. HITL gates at any step.
04 / 04
Trust escalation
Supervised, Checkpoint, Autonomous. Agents earn autonomy through demonstrated performance. You define the thresholds. The platform enforces them.
The architecture
Production infrastructure. Not a demo.
The six-layer cascade (Account, Workspace, Project, Thread, User, Skill) means governance is configured once and inherited by every agent beneath. Override at any level. The cascade picks the most specific value at invocation.
Composable skills at four capability levels. Typed input and output contracts catch errors at the boundary. DAG workflow engine, background agents, scheduled execution.
850+ toolkits via managed OAuth. Gmail, Slack, Salesforce, Microsoft 365, GitHub. Custom MCP servers for proprietary systems.
Cascades down
01Account
Global rules02Workspace
Brand voice03Project
Campaign goals04Thread
Session context05User
Personal prefs06Skill
Per-skill tuneBuilders without chaos
Teams build. Governance holds.
The Skill Builder and Agent Builder let teams build without engineering overhead, within a fully governed framework. Skills and agents inherit cascade context. Subject to the same quality thresholds, cost attribution, and trust escalation as everything else on the platform.
Teams build autonomously. Governance is structural. The CTO is not the bottleneck. The platform is the safeguard.
Skill BuilderManual
Name
draft_release_notes
Level
L1
L2
L3
L4
Tools
LinearGitHubSlack+ Add
TrustSupervised
Agent BuilderConversational
Build me a content marketer who can draft, review, and publish blog posts.
Proposing 4 skills + trust tier. Review each:
ResearchProposed
DraftProposed
ReviewApproved
PublishApproved
Deployment model
Maps to how your organisation works.
Three nested scopes. Configured top-down. Governed at every level.
01
Account
Global constraints, approved model list, security policies, budget ceiling. Set once, enforced everywhere beneath.
02
Workspaces
Departments, teams, use cases. Each with its own context, agents, and cost attribution. Workspace isolation by default.
03
Projects
Discrete initiatives within a workspace. Domain agents for legal, finance, operations, customer success. Workspace Director for cross-project coordination.
Enterprise-ready by design
The capabilities your security, compliance, and finance teams expect.
Built into the platform from day one. No bolt-ons, no separate compliance suite. The things CTOs ask about before they sign.
Tenant data isolation
Workspace boundaries enforced at the database level via row-level security. No cross-tenant access. Departments and clients fully separated by design.
Immutable audit trail
Every agent decision, tool call, and human approval logged with timestamp, user ID, and full context. Replayable end to end. Exportable for compliance.
Per-user access control
Role-based access at Account, Workspace, and Project. Per-user OAuth in shared threads means correct credentials and correct permissions on every execution.
Granular cost attribution
Every dollar tracked at account, workspace, project, and skill level. Real-time budgets. Compute-class limits prevent runaway jobs.
Configurable trust gates
HITL on irreversible actions: email send, financial transactions, CRM writes. Trust escalation per agent (Supervised, Checkpoint, Autonomous), earned through performance.
Versioned and reversible
Every cascade level versioned with full diff and one-click rollback. Configuration is auditable. No stuck deployments, no silent overrides.
Six-layer governance
Account, Workspace, Project, Thread, User, Skill. Set policy once at the right level, inherited by everything beneath. Override only where it matters.
Quality scoring per execution
Every agent run is scored against configurable thresholds. Auto-approval where you want it, escalation where you do not. The trust dashboard surfaces patterns.
Technical evaluation
A technical evaluation, not a sales demo.
Bring your security requirements, compliance constraints, and organisational structure. We show you how xFlo provides the governed layer your enterprise needs.