Safe to connect to your tools.

Praxeum is a knowledge and control plane, not an execution proxy. We read what you scope, we prove where every skill came from, and a human is accountable for everything an agent can do.

How we earn access

Read-only, and scoped by you

Every source connection uses read-only OAuth, limited to the specific Slack channels, Drive folders, and Notion spaces you select, with more sources on the way (each read-only, each scoped). We never hold write credentials to your execution systems; your agents use their own.

Permissions travel with knowledge

A skill drafted from a private channel inherits those permissions through every layer. Broadening visibility requires an explicit, audited human action.

Redaction at ingestion

PII and secrets are scrubbed before text can enter a draft or a trace: a pasted API key never reaches a skill or any answer.

Human approval is the firewall

All mined text is treated as untrusted data, never as instructions. Nothing an agent can execute exists until a person approves it.

An audit trail you can replay

Immutable versions, pinned evidence, approver identity, and point-in-time replay answer "your AI issued a refund, under whose authority?" It’s a detective control over reported agent behavior; we say so plainly rather than overclaiming enforcement.

Tenant isolation & offboarding

Per-tenant isolation with row-level security as defense-in-depth, and a full purge path on request: deletion propagates to documents, embeddings, and connections.

Google Workspace access

Where you connect Google Workspace, Praxeum requests read-only access, limited to the shared drives, folders, and meeting transcripts you choose (drive.readonly anddrive.meet.readonly). We use it solely to convert your documented and observed procedures into verified skills for your own team. Our handling of Google user data adheres to the Google API Services User Data Policy, including the Limited Use requirements. Full detail is in our Privacy Policy.

Built for the people whose knowledge we mine

Mined knowledge names its owner as author of record. Scoping is employee-visible. We never produce individual performance analytics. Your process gets your name on it.

Subprocessors

We keep the list short and disclosable, prefer SOC 2 vendors, and know which can be self-hosted. Design partners receive the current list and a DPIA template on request.