Domain: Knowledge Bases

Knowledge Bases (KBs) are structured sources of truth used by AI and automation across the platform.

Definition

A knowledge base contains:

KB content must be versioned or at minimum have a publish/review boundary (MVP can start simple).
AI outputs must reference only approved KB content for “facts” (where required by policy).
KB access must be permissioned and audit logged for publish events.
Knowledge bases are workspace-scoped objects: a KB belongs to a workspace and must not be visible across workspaces unless the user is authorized for that workspace.
The platform provides an org-wide KB discovery surface (route-level concern) that aggregates KBs across all workspaces a user is authorized to access, enabling cross-workspace search/filtering without breaking workspace isolation.

Draft → Review (optional) → Published
Publishing triggers:
- downstream cache refresh
- app configuration refresh (Comment Responder, Chatti Live)

Any KB state change must have explicit expectations for:

Audit events: who changed what, when, and in which workspace/org context.
Analytics events: follow Analytics Events (MVP); avoid KB content and PII in payloads. At minimum, KB publish must be represented as kb.published.

Bypassing workspace scoping (e.g. “global KB table” without authorization constraints).
Encoding domain logic in UI-only behavior without a domain source of truth.
Skipping audit expectations for publish/edit actions.
Emitting analytics with message content, KB content, or PII.
“Fixing” correctness by widening permissions or weakening isolation.