@adminide-stack/yantra-help-browser 12.0.16-alpha.2 → 12.0.16-alpha.21

package/lib/templates/content/security-compliance/security-overview.md

@@ -0,0 +1,186 @@
+# Security Overview
+
+Protecting your data is foundational to everything we build at Yantra. This guide covers our security architecture, data protection practices, and compliance posture.
+
+## Security Architecture
+
+### Isolated Customer Environments
+
+Each Yantra customer receives a **dedicated, isolated virtual machine** environment:
+
+- **Hardware-level isolation**: Your AI employee runs in its own VM, completely separated from other customers
+- **No shared resources**: Compute, memory, and storage are dedicated to your environment
+- **Independent scaling**: Your environment scales based on your workload without affecting others
+- **Automatic updates**: Security patches applied automatically without impacting availability
+
+### Secure Gateway
+
+All communication between your tools and your AI employee flows through the **Yantra Gateway**:
+
+```
+Your Tools → TLS 1.2+ → Yantra Gateway → Isolated VM → Action Engine
+```
+
+- All traffic is encrypted in transit using TLS 1.2 or higher
+- API routing ensures requests are directed to the correct customer environment
+- Rate limiting and DDoS protection at the gateway level
+- Request validation and sanitization before reaching your AI employee
+
+## Data Encryption
+
+### In Transit
+
+- All data encrypted using **TLS 1.2+** between all components
+- Certificate pinning for critical connections
+- Perfect forward secrecy enabled on all TLS connections
+
+### At Rest
+
+- All stored data encrypted using **AES-256** encryption
+- Customer-specific encryption keys managed through dedicated secret storage
+- Encryption keys rotated on a regular schedule
+- Database-level encryption for all persistent data stores
+
+### Credentials and Secrets
+
+- OAuth tokens and API keys stored in industry-standard secret management systems
+- Secrets are never logged, displayed, or stored in plaintext
+- Credential rotation supported and recommended
+- Revocation of any credential immediately effective
+
+## Access Controls
+
+### Authentication
+
+- **OAuth 2.0**: Standard authentication for tool connections — your credentials are never stored by Yantra
+- **API keys**: Secure API key management for programmatic access
+- **Multi-factor authentication (MFA)**: Required for all Yantra dashboard access
+- **SSO support**: Enterprise single sign-on integration available
+
+### Authorization
+
+- **Role-based access control (RBAC)**: Define who can configure, modify, and manage AI employees
+- **Principle of least privilege**: AI employees and team members only access what they need
+- **Granular permissions**: Control which tools, channels, and data sets each AI employee can access
+- **Permission inheritance**: Team-level settings with individual overrides
+
+## Minimal Data Access
+
+### Scoped Permissions
+
+When connecting third-party tools, Yantra requests only the **minimum permissions required**:
+
+- If your AI employee only needs to read Slack messages, it doesn't request write access
+- CRM write access is only requested if CRM automation features are enabled
+- You can review and adjust permissions at any time
+
+### Data Retention
+
+- Event data is processed in real-time and indexed for context
+- Raw event data retention follows your configured policy
+- You can request deletion of all data at any time
+- Data is purged according to your retention settings, not held indefinitely
+
+## Infrastructure Security
+
+### Cloud Infrastructure
+
+- Hosted on **SOC 2-compliant cloud providers**
+- Network isolation between customer environments
+- Automated security patching for all infrastructure components
+- Continuous monitoring of infrastructure health and security posture
+
+### Network Security
+
+- Private networking between internal components
+- No direct internet exposure for processing components
+- Firewall rules enforced at multiple layers
+- Intrusion detection and prevention systems active
+
+### Availability
+
+- **99.9% uptime SLA** for enterprise customers
+- Multi-region deployment options for high availability
+- Automatic failover for critical components
+- Regular disaster recovery testing
+
+## Data Handling
+
+### No Model Training on Your Data
+
+Data obtained from your connected tools is **never used to train AI models**. This is a firm policy:
+
+- Your conversations, code, CRM data, and emails are used exclusively for providing you service
+- No aggregation of customer data for model improvement
+- Strict adherence to all API provider data usage policies
+- Compliance with Limited Use requirements from providers like Google
+
+### Data Processing
+
+- Data is processed within your isolated environment
+- Temporary processing data is cleared after use
+- Sensitive data detection and masking available for specific fields
+- Data flow logs available for audit purposes
+
+## Compliance
+
+### Standards and Certifications
+
+- **SOC 2 Type II**: Annual audit for security, availability, and confidentiality
+- **GDPR**: Full compliance for EU data subjects
+- **CCPA**: California Consumer Privacy Act compliance
+- **HIPAA**: Available for healthcare customers (enterprise plan)
+
+### Data Residency
+
+- Default: US-hosted infrastructure
+- EU data residency available for applicable accounts
+- Additional regions available on enterprise plans
+- Data never transferred outside your specified region without consent
+
+## Team Security
+
+### Internal Practices
+
+- All Yantra team members undergo security training
+- Access to production systems is strictly restricted and audited
+- Multi-factor authentication required for all internal access
+- Regular access reviews and permission audits
+- Background checks for all team members with production access
+
+### Development Practices
+
+- Security review required for all code changes
+- Automated vulnerability scanning in CI/CD pipeline
+- Dependency scanning for known vulnerabilities
+- Regular penetration testing by independent security firms
+
+## Audit Trail
+
+Every action taken by your AI employee is logged with:
+
+- **Timestamp**: When the action occurred
+- **Action type**: What was done (read, write, create, update)
+- **Target**: Which tool and resource was affected
+- **Context**: What triggered the action
+- **Approval status**: Whether the action was auto-approved or human-approved
+- **Outcome**: Whether the action succeeded or failed
+
+Audit logs are available in your Yantra dashboard and can be exported for compliance purposes.
+
+## Reporting Vulnerabilities
+
+If you discover a security vulnerability, please report it responsibly:
+
+- Email: security@yantra.ai
+- We take all reports seriously and respond within 24 hours
+- Responsible disclosure timeline: 90 days
+- Recognition for valid vulnerability reports
+
+## Questions
+
+For questions about our security practices:
+
+- Email: security@yantra.ai
+- Review our [Privacy Policy](/help-center/data-privacy/privacy-policy)
+- Contact your account manager for enterprise security discussions

package/lib/templates/content/security-compliance/vm-isolation.md

@@ -0,0 +1,126 @@
+---
+title: 'VM Isolation and Infrastructure'
+---
+
+# VM Isolation and Infrastructure
+
+Yantra provides enterprise-grade infrastructure isolation, ensuring every customer's AI employee operates in a completely separated environment.
+
+## Isolated Virtual Machines
+
+### Architecture
+
+Each Yantra customer is provisioned a **dedicated virtual machine** for their AI employees:
+
+- **Complete isolation**: Your VM doesn't share resources with any other customer
+- **Dedicated compute**: CPU and memory resources allocated exclusively to your workload
+- **Separate storage**: All data stored on dedicated, encrypted volumes
+- **Independent networking**: Network traffic isolated through virtual private networking
+
+### Why VM Isolation Matters
+
+- **Security**: A vulnerability in one customer's environment cannot affect another
+- **Performance**: Your AI employee's performance isn't impacted by other customers' workloads
+- **Compliance**: Data isolation requirements for regulated industries are met at the infrastructure level
+- **Auditing**: Complete visibility into your environment without cross-customer noise
+
+## Infrastructure Components
+
+### Yantra Gateway
+
+The secure entry point for all tool integrations:
+
+- Load balancing and DDoS protection
+- TLS termination and certificate management
+- API routing to the correct customer VM
+- Rate limiting and request validation
+- Authentication and authorization enforcement
+
+### Customer VM
+
+Your isolated environment contains:
+
+- **Event Processor**: Receives and normalizes events from your integrations
+- **Context Engine**: Maintains your organization's knowledge graph
+- **Action Engine**: Executes or queues actions based on AI employee decisions
+- **Storage**: Encrypted data stores for event history and context
+- **Monitoring**: Health checks and performance tracking
+
+### AI Processing Layer
+
+AI model interactions are handled through:
+
+- Dedicated API connections to model providers
+- Prompt construction within your isolated environment
+- Response processing within your VM
+- No cross-customer data in model interactions
+
+## Zero-Configuration Deployment
+
+### No DevOps Required
+
+Setting up your Yantra AI employee requires:
+
+- ❌ No terminal or CLI usage
+- ❌ No Docker containers or Kubernetes
+- ❌ No infrastructure configuration
+- ❌ No code deployment
+- ✅ Just connect tools and describe your needs
+
+### Automatic Management
+
+Yantra handles all infrastructure operations:
+
+- **Provisioning**: VMs created automatically during signup
+- **Scaling**: Resources adjusted based on your tool count and event volume
+- **Patching**: Security updates applied without downtime
+- **Backups**: Automated backup schedules with tested restoration
+- **Monitoring**: 24/7 infrastructure health monitoring
+
+## Availability and Reliability
+
+### Uptime
+
+- **99.9% uptime SLA** for enterprise customers
+- Multi-availability-zone deployment for resilience
+- Automatic failover for component failures
+- Graceful degradation — AI employee continues operating even if non-critical components experience issues
+
+### Disaster Recovery
+
+- Regular backups with encrypted offsite storage
+- Recovery Point Objective (RPO): 1 hour
+- Recovery Time Objective (RTO): 4 hours
+- Disaster recovery procedures tested quarterly
+
+## Monitoring and Observability
+
+### Infrastructure Health
+
+Yantra monitors every customer environment for:
+
+- VM resource utilization (CPU, memory, storage)
+- Network connectivity and latency
+- Integration API health and response times
+- Event processing throughput and latency
+- Error rates and anomaly detection
+
+### Customer Visibility
+
+You have access to:
+
+- Integration connection status
+- Event processing statistics
+- AI employee action logs and performance
+- Storage utilization
+
+## Built on OpenClaw
+
+Yantra's infrastructure is built on the **OpenClaw** open-source AI agent platform:
+
+- Battle-tested by thousands of deployments worldwide
+- Continuous security improvements from the open-source community
+- Transparent agent architecture that can be audited
+- Enterprise hardening applied on top of the proven open-source foundation
+
+Learn more about OpenClaw at [OpenClaw Overview](/help-center/openclaw/openclaw-overview).

package/lib/templates/content/solutions-engineering/bug-tracking-context.md

@@ -0,0 +1,126 @@
+# Bug Tracking and Context Correlation
+
+Yantra's AI employee transforms how engineering teams handle bug reports by automatically correlating customer reports with technical data across your entire tool stack.
+
+## The Context Gathering Problem
+
+When a bug is reported, engineers typically need to manually:
+
+1. Search error monitoring for related exceptions
+2. Check issue trackers for duplicate or related tickets
+3. Review recent deployments that might have introduced the issue
+4. Look up the customer's environment and configuration
+5. Search Slack history for related discussions
+
+This manual process takes 30 minutes to 2+ hours per incident and is repeated for every new report.
+
+## How Yantra Automates Bug Correlation
+
+### Step 1: Detection
+
+Your AI employee monitors all channels where bugs might be reported:
+
+- Customer-facing Slack channels
+- Internal support channels
+- Direct messages mentioning issues
+- Email threads from enterprise customers
+
+### Step 2: Cross-Tool Investigation
+
+Within seconds of detecting a report, the AI employee:
+
+**Error Monitoring**:
+
+- Searches Sentry/Datadog for matching exceptions by error type, affected component, and customer tenant
+- Identifies error frequency, first occurrence, and trend direction
+- Links to relevant stack traces and affected code paths
+
+**Issue Management**:
+
+- Searches Linear/Jira for existing tickets related to the symptom
+- Identifies whether anyone is already investigating
+- Finds related past tickets and their resolutions
+
+**Version Control**:
+
+- Reviews recent deployments to the affected service
+- Identifies commits that touched related code paths
+- Surfaces the author and reviewer for relevant changes
+
+**Historical Context**:
+
+- Recalls past instances of similar issues for this customer
+- Surfaces workarounds that were previously applied
+- Links to post-mortem documentation if this is a recurring pattern
+
+### Step 3: Synthesis
+
+All findings are compiled into a structured triage summary:
+
+```
+Bug Report: Login failures for Acme Corp
+Reported by: Sarah in #support - 5 minutes ago
+
+Error Match: AuthTokenExpired in auth-service
+  - First seen: 35 min ago (after deploy #892)
+  - Occurrences: 47 (and rising)
+  - Affected tenants: Acme Corp, TechStart, DataFlow
+
+Related Ticket: Linear #1234 - "Auth token refresh race condition"
+  - Status: In Progress
+  - Assignee: Marcus
+  - Last update: Yesterday - deployed partial fix
+
+Recent Deploy: #892 by Alex (35 min ago)
+  - Changed: auth-service/token-handler.ts
+  - PR #567: "Optimize token refresh flow"
+
+Past Incidents: Similar issue on Jan 14 (resolved by reverting token cache TTL)
+
+Suggested Actions:
+  [1] Notify Marcus about expanded scope
+  [2] Draft customer response
+  [3] Create P0 escalation ticket
+```
+
+## Automatic Ticket Creation
+
+When a bug report doesn't match an existing ticket, your AI employee can automatically create one with:
+
+- Descriptive title based on the symptom
+- Detailed description including all correlated data
+- Links to relevant Sentry events, PRs, and Slack threads
+- Suggested priority based on customer impact and error severity
+- Automatic assignment based on code ownership
+
+## Duplicate Detection
+
+Before creating new tickets, the AI employee identifies potential duplicates by:
+
+- Matching error signatures across reporting channels
+- Comparing symptom descriptions using semantic analysis
+- Linking customer reports to existing engineering tickets
+- Flagging potential duplicates for human confirmation
+
+## Tracking Resolution
+
+Once a bug is being investigated, the AI employee continues monitoring:
+
+- Alerts on error rate changes (improving or worsening)
+- Notifies affected customers' contacts when fixes are deployed
+- Verifies error counts drop after deployments
+- Closes or updates tickets based on resolution status
+
+## Configuration
+
+### Correlation Sensitivity
+
+- **Strict**: Only correlate exact error matches
+- **Standard**: Include related errors from the same service
+- **Broad**: Include errors from dependent services (recommended for debugging complex issues)
+
+### Auto-Ticket Rules
+
+- Define which channels trigger automatic ticket creation
+- Set minimum severity thresholds for ticket creation
+- Configure default assignees based on service ownership maps

package/lib/templates/content/solutions-engineering/engineering-overview.md

@@ -0,0 +1,107 @@
+# Engineering Solutions Overview
+
+Yantra provides engineering teams with an AI employee that acts as a **technical operations partner** — monitoring your development infrastructure, correlating bugs with deployments, maintaining institutional knowledge, and ensuring nothing falls through the cracks.
+
+## The Engineering Challenge
+
+Senior engineers and CTOs carry enormous context about codebases, customer issues, and architectural decisions. This knowledge:
+
+- Creates bottlenecks when only one person can triage complex issues
+- Slows down new team members who lack historical context
+- Gets lost when people change roles or leave the organization
+- Can't scale as teams and customer bases grow
+
+Yantra captures and makes this context available to your entire engineering team, democratizing expertise.
+
+## Key Capabilities for Engineering
+
+### Bug Correlation and Triage
+
+When a customer reports an issue, your AI employee instantly:
+
+1. Searches error monitoring (Sentry, Datadog) for matching exceptions
+2. Checks project management (Linear, Jira) for existing tickets
+3. Reviews recent deployments and related code changes in GitHub
+4. Surfaces the customer's history and previous related issues
+5. Provides a complete triage summary in seconds
+
+### Deployment Monitoring
+
+Your AI employee tracks every deployment and correlates post-deploy events:
+
+- Error rate changes following deployments
+- Performance metric shifts after code changes
+- Customer reports that coincide with release timelines
+- Automatic rollback recommendations when impact thresholds are exceeded
+
+### Incident Context
+
+During incidents, your AI employee provides:
+
+- Historical data on similar errors and their resolutions
+- Identification of the most likely root cause based on recent changes
+- Links to relevant runbooks and post-mortem documentation
+- Notification of the right people based on code ownership and expertise
+
+### Institutional Memory
+
+Every fix, workaround, architectural decision, and customer-specific configuration is automatically indexed:
+
+- New engineers can query the AI employee about any aspect of the system
+- Past incident resolutions are surfaced when similar issues reoccur
+- Decision rationale is preserved even as team composition changes
+
+## Real-World Scenarios
+
+### Scenario: Customer Reports a Bug in Slack
+
+**Without Yantra**:
+A customer reports an issue in the #support channel. You spend the next 2 hours:
+
+- Searching Sentry for matching exceptions
+- Checking Linear for related tickets
+- Looking at GitHub for recent changes to the affected module
+- Asking colleagues if they've seen this before
+- Piecing together a root cause theory
+
+**With Yantra**:
+Your AI employee detects the report, performs all the above in under 30 seconds, and posts a comprehensive summary:
+
+> _"Customer Acme Corp reported login failures. Found matching Sentry error: AuthTokenExpired spiked to 47 occurrences after deploy #892 (35 min ago). Linear ticket #1234 exists — Marcus deployed a related fix yesterday. Drafting response with context."_
+
+### Scenario: 3 AM Error Spike
+
+**Without Yantra**:
+You wake up to 47 Sentry alerts. You spend an hour triaging, most are noise. The one critical issue gets delayed attention.
+
+**With Yantra**:
+Your AI employee correlates the alerts overnight, identifies the one genuinely critical issue, and sends a single escalation with full context. Everything else is logged and summarized for your morning briefing.
+
+### Scenario: New Engineer Onboarding
+
+**Without Yantra**:
+A new engineer asks about a specific customer's infrastructure. A senior engineer spends 30 minutes explaining the history of issues, workarounds, and decisions.
+
+**With Yantra**:
+The new engineer asks the AI employee directly and gets a complete context package: every interaction, every bug, every architectural decision related to that customer — in seconds.
+
+## Engineering Tool Integrations
+
+| Tool                | Capabilities                                                   |
+| ------------------- | -------------------------------------------------------------- |
+| **GitHub / GitLab** | Track PRs, commits, deployments, code reviews, branch activity |
+| **Sentry**          | Monitor errors, correlate with deploys, track resolution       |
+| **Linear / Jira**   | Create tickets, track status, link to related issues           |
+| **Slack**           | Monitor engineering channels, draft responses                  |
+| **Datadog**         | Surface anomalies, link metrics to code changes                |
+| **PagerDuty**       | Smart escalation, automated triage                             |
+
+## Getting Started
+
+1. Connect your engineering tools via [Integrations](/help-center/integrations/integrations-overview)
+2. Select "Engineering" as your AI employee type during setup
+3. Configure error thresholds and monitoring scope
+4. Start in supervised mode to review triage quality
+5. Expand autonomy as your AI employee learns your codebase context
+
+For setup details, see [Getting Started with AI Employees](/help-center/ai-employees/getting-started-ai-employees).

package/lib/templates/content/solutions-engineering/error-monitoring.md

@@ -0,0 +1,120 @@
+# Error Monitoring and Deploy Correlation
+
+Yantra's AI employee integrates with your error monitoring and CI/CD tools to automatically detect, correlate, and triage errors — linking every anomaly to its probable cause.
+
+## Continuous Error Watch
+
+Your AI employee monitors error tracking tools (Sentry, Datadog, PagerDuty) around the clock, providing:
+
+### Intelligent Triage
+
+Not all errors deserve the same response. The AI employee classifies errors by:
+
+- **Frequency**: How often is this error occurring?
+- **Recency**: Is this new or a known persistent issue?
+- **Impact**: How many users or customers are affected?
+- **Trend**: Is the frequency increasing, stable, or decreasing?
+- **Correlation**: Does this coincide with a deployment or configuration change?
+
+### Deploy-Error Correlation
+
+When error rates spike, the AI employee automatically:
+
+1. Identifies the most recent deployment(s) before the spike began
+2. Reviews the commits and PRs included in those deployments
+3. Pinpoints specific code changes most likely related to the error
+4. Surfaces the author and reviewer for those changes
+5. Checks if rollback or hotfix branches exist
+
+### Smart Alert Grouping
+
+Instead of sending one notification per error event, the AI employee:
+
+- Groups related errors by root cause
+- Deduplicates repeated occurrences
+- Provides a single actionable summary instead of notification floods
+- Distinguishes between new errors and regressions of previously fixed issues
+
+## Error Spike Response Flow
+
+When an error spike is detected:
+
+**Within 30 seconds**:
+
+- Error identified and classified
+- Correlated with recent deployments
+- Existing tickets checked for matches
+
+**Within 2 minutes**:
+
+- Full context package assembled
+- Affected customers identified
+- Appropriate team members notified
+
+**Within 5 minutes**:
+
+- Root cause hypothesis provided
+- Suggested remediation actions drafted
+- Rollback recommendation if applicable
+
+## Deployment Tracking
+
+### Pre-Deploy Safety Checks
+
+Your AI employee monitors deployment pipelines and can:
+
+- Verify that relevant CI checks have passed
+- Flag deployments that touch high-risk code paths
+- Warn about deploying during high-traffic periods or when related issues are unresolved
+
+### Post-Deploy Verification
+
+After any deployment, the AI employee:
+
+- Monitors error rates for the affected services for a configurable window
+- Compares current rates against pre-deploy baselines
+- Alerts if error rates exceed normal variance
+- Automatically links post-deploy issues to the specific deployment
+
+### Rollback Support
+
+When an error spike is clearly correlated with a deployment:
+
+- AI employee recommends a rollback with supporting evidence
+- Links to the revert/rollback procedure or branch
+- Notifies the deployer and team lead
+- Monitors error rates post-rollback to confirm resolution
+
+## Integration Details
+
+### Sentry
+
+- Monitors projects and issue streams
+- Reads error details, stack traces, and affected users
+- Tracks issue resolution status and assignments
+
+### Datadog
+
+- Watches custom metrics and anomaly detection alerts
+- Correlates APM data with deployment events
+- Surfaces latency and throughput anomalies
+
+### PagerDuty
+
+- Integrates with on-call schedules for smart escalation
+- Prevents duplicate pages for correlated incidents
+- Provides enriched context for every triggered alert
+
+### GitHub Actions / CI-CD
+
+- Tracks deployment events and build statuses
+- Maps commits to deployments for correlation
+- Monitors pipeline failures and flaky tests
+
+## Configuration Options
+
+- **Error threshold**: Number of occurrences before alert (default: configurable per project)
+- **Correlation window**: Time window to check for related deployments (default: 2 hours)
+- **Auto-rollback recommendation**: Enable/disable automatic rollback suggestions
+- **Quiet hours**: Batch non-critical error alerts during off-hours
+- **Team mapping**: Map services to responsible teams for accurate escalation