Skip to content
HubbCentral
Demo fixtureInternal planning
Internal planning conceptPublic demo workspaceSynthetic fixture onlyNo Gmail connectedNo real email or contact dataNo real investor or private data

HubbCentral Founder Command Workspace

Internal planning concept for Paulo — synthetic demo only.

A single command-style view for prioritizing HubbCentral work: follow-ups, engineering coordination, security register alignment, partner and investor motions, and automation ideas. Nothing here connects to Gmail, sends messages, stores data, or runs agents.

Non-goals (now)
  • No Gmail connected
  • No email data
  • No integrations
  • No persistence
  • No AI runtime
Agent pattern

Chief of Staff Agent Pattern

Reusable planning pattern for communication triage, follow-ups, calendar prep, and owner approvals. Drafts suggestions only — human approval required before any external action.

No tools connected
Chief of Staff Agent Pattern
Planning only — Phase 1 simulation
Planning only

Future channels (not connected)

  • Gmail (future; not connected)
  • Calendar systems (future; not connected)
  • Third-party messaging channels (future; not connected)
  • Social inbox (future; not connected)

Pattern capabilities (fixture)

  • Communication triage and follow-up coordination
  • Calendar/context preparation — no booking
  • Owner approval queue for every external action
  • Daily/weekly brief outlines and draft responses only
  • Task candidate suggestions — no auto-create in this lane

Human approval gates

  • Human approval before sending any message
  • Human approval before scheduling or rescheduling
  • Human approval before CRM/member/client status updates
  • Human approval before billing or payment actions
  • Human approval before publishing content
  • Human approval before importing or storing real data

No autonomous sends · Drafts only · See docs/CHIEF_OF_STAFF_AGENT_PATTERN_MVP.md

Agent output simulation

Chief of Staff Daily Brief Simulation

Deterministic fixture output showing what a Chief of Staff Agent would surface each morning. No live data, no AI runtime, no sends — human approval required before any external action.

Simulation onlyNo tools connected
Simulation onlyNo tools connectedNo messages sentHuman approval requiredNo real data
Chief of Staff Daily Operator Brief
Simulation only — deterministic fixture output · Synthetic morning snapshot (fixture clock)
Agent output

A. Morning brief

3 priorities need founder attention

Synthetic queue: proof surfaces, approval copy, and next backend lane — no live task system.

2 follow-ups are aging

Demo investor and provider outreach concepts are waiting on an approved CRM or connector lane.

1 security/admin item needs review

Cross-check SEC register and validator posture — human review only, no live alert ingestion.

B. Communication triage

owner review needed
High-attention planning bucket — founder decides before any draft is queued.
3 synthetic items

Synthetic category

partner/investor follow-up
Pipeline motion labels only — no real firms, threads, or addresses.
2 synthetic items

Synthetic category

provider/business outreach
Vendor and trial reminders as planning labels; no CRM writes.
2 synthetic items

Synthetic category

security/account alert
Posture and access review concept — not a live security feed.
1 synthetic item

Synthetic category

marketing/social opportunity
Campaign themes and content ideas — nothing posts from this simulation.
2 synthetic items

Synthetic category

low-priority/general
Digest-style noise bucket so urgent items stay visible in triage.
4 synthetic items

Synthetic category

C. Approval queue

Draft response needs review
Synthetic reply concept for a partner thread — no send, archive, or label actions.
Awaiting founder sign-off

No send · No archive · No label actions

Follow-up sequence needs approval
Three-step nurture outline as planning copy only; no outbound automation.
Queued for human decision

No send · No archive · No label actions

Calendar prep note needs confirmation
Meeting context checklist — no booking, reschedule, or calendar API.
Prep draft only

No send · No archive · No label actions

D. Follow-up queue

ItemAging (fixture)Suggested next actionOwner (concept)
Demo investor/partner follow-upSynthetic — 5 days (fixture)Confirm whether CRM proof lane is nextFounder
Demo provider outreach follow-upSynthetic — 3 days (fixture)Review vendor trial planning notesOps (planned)
Demo BEZ planning follow-upSynthetic — 2 days (fixture)Align BEZ simulation priorities with private task MVPProduct
Demo product/security follow-upSynthetic — 1 day (fixture)Run validators and update security register docSecurity

E. Calendar / meeting prep

Synthetic strategy block
Agenda needed: Outline top 3 founder priorities and blockers
Decision list: Pick next connector proof vs backend lane
Prep materials: Links to planning docs only — no live Drive sync
Owner questions: Which approval gate copy needs stakeholder review first?
Synthetic product sync
Agenda needed: Review agent catalog and daily brief simulation feedback
Decision list: Approve fixture-only scope for next public lane
Prep materials: Founder Command route walkthrough script (demo)
Owner questions: Does the brief feel agentic without implying live tools?

F. Risks / blockers

No connector approved
Impact: Brief cannot pull live mail, calendar, or messaging data.
Mitigation: Keep simulation badges visible; separate approval per connector.
No live tool access
Impact: All triage and queue rows remain synthetic placeholders.
Mitigation: Show “No tools connected” on every agent output surface.
Real data gate closed
Impact: Importing contacts, events, or messages is blocked on this route.
Mitigation: Human approval required before any real data enters fixtures.
Approval required before external action
Impact: Drafts and suggestions never send, book, charge, or publish alone.
Mitigation: Queue every external action behind explicit owner sign-off.

G. Suggested next actions

Review follow-up queue

Confirm synthetic aging labels match how operators think about priority.

Approve or reject draft response concept

Practice the approval gate UX before any Gmail connector work.

Confirm next meeting priority

Validate calendar prep cards without implying live calendar access.

Decide which connector proof comes first

Compare Gmail read-only vs BEZ ingestion gate docs in a planning session.

See docs/CHIEF_OF_STAFF_DAILY_BRIEF_SIMULATION_MVP.md · No autonomous sends · Drafts and suggestions only

Ecosystem intelligence

Market Scout Agent

Recurring planning lane for external AI, SMB, and connector signals. Human-reviewed public sources only — no scraper, no external API, no secrets in this MVP.

No automated actionsNo accounts connected
Market Scout Agent
Tracks AI/SMB/tool ecosystem · Recommends integrate / partner / build (planning only)
Planning only
  • Tracks AI/SMB/tool ecosystem trends using human-reviewed public sources only.
  • Recommends ignore, monitor, integrate, partner, or build for AI Studio — planning labels only.
  • No automated actions, purchases, or account changes from this fixture.
  • No accounts connected on this route; no in-repo scraper or external API.
  • Report template + operating runbook define the human cycle; copy the template each cycle (see runbook).

See docs/AI_STUDIO_MARKET_SCOUT_AGENT_MVP.md, docs/AI_STUDIO_MARKET_SCOUT_OPERATING_RUNBOOK.md, docs/AI_STUDIO_MARKET_SCOUT_REPORT_TEMPLATE.md · Cadence: every 3 days (human-operated) · No automated scraper

Future Gmail management agent security plan

Future Gmail management agent — security plan
Planning-only policy for a possible inbox triage assistant. No connector, no OAuth, no email data in this workspace.
Planning only

Full security path, approval gates, and future lane sequence live in the repository doc below. This page does not connect to Gmail and does not read or send email.

No Gmail connected · No real email or contact data

Gmail planning

Gmail readiness overview

Read-only discovery is documented in the repo. This workspace remains a public fixture — no mailbox, OAuth, or send/read actions.

No Gmail connected
  • Read-only discovery is captured in repo docs; this UI is still a fixture with no mailbox connection.
  • Gmail Management Agent remains future-only — separate OAuth, scopes, and security approvals required.
  • No Gmail connected; no email read, send, label, archive, or delete actions from this route.
  • No real email addresses, subjects, snippets, message identifiers, attachments, or contact rows in app fixtures.
  • A future connector would start with least-privilege read-only proof lanes only after written approval.
Sanitized categories

Inbox categories — planning only

Labels distill read-only discovery into synthetic planning buckets. No subjects, snippets, addresses, message IDs, links, or attachments appear here.

No real mail data
HubbCentral / AI Studio operations
Planning lane for product and deployment signals; no live mail or threads shown here.

Concept only

security / account alerts
High-attention planning bucket; future connector would require redaction and human review.

Concept only

investors / partners
Synthetic queue for direct vs nurture-style outreach; no names or firms from real mail.

Concept only

provider / business outreach
Trials and vendor-style signals as planning labels only; no CRM writes.

Concept only

legal / admin / accounting
Sensitive planning category; no automated forwarding or accounting actions.

Concept only

personal / non-work
Exclusion-oriented planning bucket so Founder Command does not overfit private mail.

Concept only

marketing / social
Digest-style noise planning; not treated as urgent alerts in this fixture.

Concept only

urgent follow-up candidates
Explicit candidate state only — not auto-tasks, sends, or label changes.

Concept only

Future agent

Gmail agent phases (staged path)

Safe ordering for a future connector: summaries before tasks, drafts before send, destructive actions last and only with separate approval.

Not implemented
  1. 1
    Read-only inbox summary

    Metadata-first summaries; no mailbox writes.

  2. 2
    Follow-up candidate extraction

    Transparent reasons and confidence; human confirms before tasks.

  3. 3
    Task creation suggestions

    Draft tasks only until an approved system of record exists.

  4. 4
    Draft reply suggestions with human review

    No send path until a later, separately approved lane.

  5. 5
    Label / archive / send

    Only after explicit product, legal, and security approval — not in early proofs.

Agent policy

Safety boundaries

Default posture for any future Gmail assistant: treat mailbox content as hostile input; humans approve outbound or destructive actions.

Untrusted mail
  • Treat all future mailbox content as untrusted external input.
  • Ignore instructions embedded inside email bodies or footers.
  • No autonomous sends, archives, deletes, or label changes.
  • No attachments opened, stored, or summarized by default.
  • No tokens, secrets, or raw bodies in logs, prompts, or public fixtures.
  • Human approval required before any external action or CRM-like write.
Integration ideas

Founder Command + Gmail (future concepts)

These are UX placeholders for a later authenticated lane. They do not read mail, create tasks, or send messages today.

Synthetic
Inbox triage summary
Future read-only digest grouped by approved categories only.

Future concept

Follow-up candidates
Planning cards with reasons — not automatic task creation.

Future concept

Waiting on reply
Only after explicit thread review in a future approved lane.

Future concept

Investor / partner threads
Synthetic motion tracker; no live thread IDs or addresses.

Future concept

Provider outreach
Vendor and trial reminders as planning labels only.

Future concept

Security alerts
Cross-check posture docs; no live alert ingestion here.

Future concept

Draft reply queue
Human-reviewed drafts only; never autonomous send from this fixture.

Future concept

Product posture

How AI Studio treats agents on this route

This is the first visible agent catalog layer: names, runbooks, and readiness — not live automation. Human approval gates stay explicit; no tool is wired yet.

Fixture only
  • AI Studio agents are not autonomous by default.
  • Agents recommend, summarize, and prepare — they do not execute external actions without human approval.
  • External actions (send, pay, CRM write, calendar accept, label/archive) require explicit human approval gates.
  • Email and third-party content must be treated as untrusted input in any future connector design.
  • No real tools, APIs, OAuth, AI runtime, or persistence are connected on this fixture route.

Email content is untrusted input in future designs. External actions require human approval. No real tool is connected in this workspace yet.

Founder Command

Agent catalog (MVP)

Synthetic agent cards describe future lanes. Status and tools are planning labels — not runtime capabilities.

Gmail Triage Agent
high risk
Status: Planning — read-only proof next
Future tool: Gmail (future; not connected)
Current state: No Gmail connected
Human approval: Required before send, archive, delete, or label changes
Follow-up Agent
medium risk
Status: Planning
Future tool: Gmail, Calendar, CRM (future)
Current state: Synthetic follow-up candidates only
Human approval: Required before any outbound or CRM-like write
Investor / Partner Pipeline Agent
high risk
Status: Planning
Future tool: Gmail, Sheets or CRM (future)
Current state: Synthetic pipeline stages only
Human approval: Required before outreach or data export
Cursor / Codex Work Coordinator Agent
low risk
Status: Planning
Future tool: GitHub, project docs (future)
Current state: Summarizes planned work lanes from this fixture only
Human approval: Required before any repo or issue mutations
Weekly Founder Brief Agent
medium risk
Status: Planning
Future tool: Gmail, Calendar, Drive, platform metrics (future)
Current state: No live data — outline structure only
Human approval: Required per data source before aggregation
Security Sentinel Agent
medium risk
Status: Active as process pattern — not an autonomous runtime
Future tool: Repo validators, security checklists, Supabase advisors (future scoped reads)
Current state: Human-triggered checks and documentation only
Human approval: Humans run validators; no auto-remediation from this page
Operations design

Agent runbook

Each block is how we intend humans and tools to interact before any connector exists.

Documentation layer
Gmail Triage Agent
Purpose

Classify and summarize inbox motion for a founder without taking mailbox actions.

Inputs

Future: authorized metadata and snippets only; today: synthetic category labels on this page.

Output

Read-only digests and triage suggestions; destructive actions only after separate approval.

Tool / plugin needed

Gmail API with least-privilege scopes (not connected).

Human approval gate

Human sign-off before send, archive, delete, label, or forward.

Forbidden actions

Autonomous send, archive, delete, label, attachment ingestion, or cross-workspace mail sharing.

First safe test case

Walk this fixture’s Gmail phases and safety list with stakeholders — no API keys.

Follow-up Agent
Purpose

Surface follow-up candidates with reasons so a human can decide next steps.

Inputs

Future: tasks, threads, calendar holds; today: synthetic demo rows only.

Output

Candidate cards with suggested owner and status — no outbound sends.

Tool / plugin needed

Gmail, Calendar, CRM connectors (none active).

Human approval gate

Human approves each outbound message or CRM update.

Forbidden actions

Auto-SMS, auto-email, silent CRM writes, bulk contact import.

First safe test case

Review synthetic follow-up table here; confirm copy and gates before any connector spec.

Investor / Partner Pipeline Agent
Purpose

Keep a lightweight view of investor/partner motion for planning conversations.

Inputs

Future: CRM or sheet rows; today: pipeline stage labels only.

Output

Synthetic stage chips and planning notes — no real firms or contacts.

Tool / plugin needed

Gmail, Google Sheets, or CRM (none connected).

Human approval gate

Legal and data-handling review before storing real pipeline data.

Forbidden actions

Scraping contacts, auto-outreach, sharing outside approved workspace.

First safe test case

Use placeholder stages in a workshop; verify no PII is pasted into fixtures.

Cursor / Codex Work Coordinator Agent
Purpose

Align engineering work lanes across Cursor/Codex and written plans.

Inputs

Fixture engineering queue and internal docs references (no live GitHub).

Output

Summaries of planned lanes and statuses for humans to adjust.

Tool / plugin needed

GitHub API and doc links (not connected).

Human approval gate

Engineering lead approves any automated issue or PR actions.

Forbidden actions

Autonomous merges, secret exfiltration, cross-repo writes without review.

First safe test case

Reconcile this page’s engineering queue with a live board manually in a meeting.

Weekly Founder Brief Agent
Purpose

Draft a weekly founder brief from approved signals once sources exist.

Inputs

Future: mail summaries, calendar blocks, doc links, metrics APIs.

Output

Structured brief sections with citations — all subject to human edit.

Tool / plugin needed

Gmail, Calendar, Drive, metrics endpoints (none connected).

Human approval gate

Founder opts in per source; humans publish the final brief.

Forbidden actions

Silent posting, auto-sharing externally, mixing unapproved sources.

First safe test case

Fill brief sections manually from public metrics; compare to this outline.

Security Sentinel Agent
Purpose

Track security posture tasks and validator outcomes without autonomous remediation.

Inputs

Human-pasted checklist results, advisor exports, repo policy docs.

Output

Registers and reminders; escalations to humans only.

Tool / plugin needed

CI validators, Supabase advisor readouts, security playbooks (human-triggered).

Human approval gate

Security owner approves scope for any automated scanner expansion.

Forbidden actions

Auto-apply database policies, rotate secrets, or disable protections unattended.

First safe test case

Run existing repo validators locally and log outcomes in the security register doc.

Integrations (future)

Tool / plugin readiness matrix

Rows are external systems we may connect later. All cells are planning-only — no API clients on this page.

Human approval
Tool / pluginNeeded for which agentCurrent statusRisk levelApproval requiredFirst safe proof
GmailGmail Triage, Follow-up, Investor/Partner Pipeline, Weekly BriefNot connected — planning and fixture copy onlyHighOAuth scopes, retention, injection defenses, separate send/archive approvalMetadata-only read summary in an isolated staging project (future lane)
Google CalendarFollow-up, Weekly BriefNot connectedMediumCalendar consent model and least-privilege scopesRead-only free/busy or agenda snippet in staging after policy sign-off
Google DriveWeekly BriefNot connectedMediumFolder allowlists and DLP reviewLink-out summaries without automatic file download (future)
GitHubCursor / Codex CoordinatorNot connected from this workspaceLowFine-grained PAT or GitHub App with repo-scoped reviewRead-only issue list export reviewed in a meeting (manual)
SupabaseSecurity Sentinel (advisor-style reads only; no Marketplace reuse)Fixture has no database binding; advisors are human-run out-of-bandMediumPlatform owner + security review before any project linkageDocumented advisor checklist on AI Studio staging only (existing lane)
HubSpot / GoHighLevelFollow-up, Investor/Partner PipelineNot connectedHighCRM contract, field mapping, PII classificationSynthetic CRM export sample with fake rows in a sandbox (future)
Google SheetsInvestor/Partner PipelineNot connectedMediumSheet ACLs and sharing rulesManual sheet template with placeholder columns (no live sync)
WhatsAppNone in catalog MVP (out of scope for early proofs)Not connected — messaging integrations deferredHighBusiness messaging policy and provider compliance reviewNo automated WhatsApp actions in AI Studio until separately approved
StripeNone in catalog MVPNot connectedHighFinance and security sign-off for any payment surfaceNo payment intents from this route; planning docs only
QuickBooksNone in catalog MVPNot connectedHighAccounting and least-privilege integration reviewNo accounting API calls from this fixture
Owner dashboard

Command center cards

Synthetic cards show how a founder morning review could be structured. Replace with real sources only after approved backend, auth, and data boundaries exist.

Not live / not persisted
Focus
Today's founder priorities

Synthetic queue: review proof surfaces, tighten approval copy, pick next backend lane.

Focus
Follow-ups due

Demo rows only — no live CRM, no outbound sends, no calendar sync.

Focus
Product / Codex / Cursor work queue

Planning status for engineering coordination; not a live task system.

Focus
Security / follow-up register

Cross-check SEC items and deferred proofs; human review only.

Focus
Marketing / social ideas

Capture themes for later campaigns; nothing posts from this page.

Focus
Investor / partner outreach

Pipeline concept — placeholders only, no real firms or contacts.

Focus
Automation opportunities

Map candidates to approval gates before any build or integration lane.

Follow-up tracker

Synthetic rows

Placeholder labels only — no names, emails, or phone numbers from real contacts.

ItemStatusOwner (concept)
Demo investor follow-upConcept — waiting on approved CRM laneFounder
Demo provider outreachConcept — no email sendOps (planned)
Demo partner introductionConcept — human-only until approvedFounder
Demo security reviewConcept — track SEC register outside this pageSecurity
Pipeline concept

Founder motion stages

Stages are for planning discussions only. They do not sync to a CRM or task system.

Idea capturedNeeds researchReady for outreachWaiting on replyNeeds decisionCompleted / deferred
Engineering

Codex / Cursor work queue

Planning examples for tooling coordination. Not a live sprint board.

BEZ polish completed
UI / copy
Shipped (demo)
Founder workspace MVP
Product
In progress (this lane)
Gmail triage planning
Integrations
Discovery documented — connector still deferred (security lane)
Security follow-up register
Security
Ongoing review
Next backend proof lane
Platform
Queued after founder planning
Automation map

Opportunity candidates

Each row states status, risk, future data needs, and approval before any integration work.

Concept only
Gmail triage assistant
High risk
Status: Concept only
Data needed later: OAuth scopes, retention policy, allowlists, human send gates
Approval: Security + integration review before any Gmail API work
Follow-up reminder agent
Medium risk
Status: Concept only
Data needed later: CRM or task source of truth, consent model
Approval: Product + privacy review before automation
Investor / partner CRM helper
High risk
Status: Concept only
Data needed later: CRM connection, field mapping, PII classification
Approval: Legal + data handling review
Codex / Cursor work coordinator
Low risk
Status: Concept only
Data needed later: Issue tracker links, repo boundaries (manual for now)
Approval: Engineering workflow approval
Marketing content planner
Medium risk
Status: Concept only
Data needed later: Brand voice kit, channel rules
Approval: Marketing lead sign-off before drafts go live
Weekly founder brief
Low risk
Status: Concept only
Data needed later: Aggregated signals from approved sources only
Approval: Founder opt-in for each data source
Security follow-up sentinel
Medium risk
Status: Concept only
Data needed later: Read-only links to security advisories, no secrets in prompts
Approval: Security team review
Cadence

Next 7 days — synthetic priorities

  • Review AI Studio private proof surfaces for clarity and drift.
  • Plan Gmail permissions and least-privilege scopes before any connector work.
  • Prepare founder command intake fields for a future authenticated lane.
  • Define a no-real-data demo script for stakeholder walkthroughs.
  • Decide the first safe automation agent after buy-vs-integrate review.
Safety confirmations

What this route does not do

This checklist keeps the page distinct from a private founder portal, a CRM, or an automation runtime.

public demo / planning workspace
not a private founder portal yet
no Gmail connected
no real email or contact data
no real investor or private data
no backend / auth / database / persistence changes on this lane
no integrations or AI runtime
no storage / export / PDF / payments
no external sends from this page
future Gmail management requires a separate approved security / integration lane