Envelope encryption
Company knowledge, files and credentials are encrypted per account with AWS KMS.
Resource
Botchi is built so business AI agents can use knowledge and tools without turning them into uncontrolled access. Encryption, account-owned credentials, approvals and auditability stay in the same workspace.
Audit trail
Acme workspace
Knowledge
encrypted
Training
never
This run
sealed
Company knowledge, files and credentials are encrypted per account with AWS KMS.
Knowledge, files and conversations are not used to train AI models.
Prompts and outputs are not retained by model providers beyond what you choose to store.
Tools use credentials owned by the account and scoped per agent, not a member's personal login.
Sensitive tools can require a human OK before an agent sends, edits or pays.
Agent activity is logged, and account data can be exported or permanently deleted.
A teammate connects a personal login to an agent.
Botchi uses account-owned credential bindings for business tools.
An agent has broad tool access it does not need.
Each agent receives scoped knowledge, tools and approval policies.
Sensitive work happens without a human decision.
Tool actions can be ask-first, read-only, automatic or off.
Nobody can explain what an agent did later.
Runs, actions and costs stay reviewable in account history.
Botchi stores company knowledge inside the account boundary and encrypts sensitive account data per account. Agents can use only the knowledge they are granted.
No. Company knowledge, files and conversations are never used to train AI models.
Yes. Tool policies can require a human approval before sensitive actions such as sending, editing or paying.
Business tool credentials are account-owned and scoped through bindings, rather than relying on a member's personal OAuth token.