HubbCentral Founder Command Workspace
Internal planning concept for Paulo — synthetic demo only.
A single command-style view for prioritizing HubbCentral work: follow-ups, engineering coordination, security register alignment, partner and investor motions, and automation ideas. Nothing here connects to Gmail, sends messages, stores data, or runs agents.
- No Gmail connected
- No email data
- No integrations
- No persistence
- No AI runtime
Chief of Staff Agent Pattern
Reusable planning pattern for communication triage, follow-ups, calendar prep, and owner approvals. Drafts suggestions only — human approval required before any external action.
Future channels (not connected)
- Gmail (future; not connected)
- Calendar systems (future; not connected)
- Third-party messaging channels (future; not connected)
- Social inbox (future; not connected)
Pattern capabilities (fixture)
- Communication triage and follow-up coordination
- Calendar/context preparation — no booking
- Owner approval queue for every external action
- Daily/weekly brief outlines and draft responses only
- Task candidate suggestions — no auto-create in this lane
Human approval gates
- Human approval before sending any message
- Human approval before scheduling or rescheduling
- Human approval before CRM/member/client status updates
- Human approval before billing or payment actions
- Human approval before publishing content
- Human approval before importing or storing real data
No autonomous sends · Drafts only · See docs/CHIEF_OF_STAFF_AGENT_PATTERN_MVP.md
Chief of Staff Daily Brief Simulation
Deterministic fixture output showing what a Chief of Staff Agent would surface each morning. No live data, no AI runtime, no sends — human approval required before any external action.
A. Morning brief
Synthetic queue: proof surfaces, approval copy, and next backend lane — no live task system.
Demo investor and provider outreach concepts are waiting on an approved CRM or connector lane.
Cross-check SEC register and validator posture — human review only, no live alert ingestion.
B. Communication triage
Synthetic category
Synthetic category
Synthetic category
Synthetic category
Synthetic category
Synthetic category
C. Approval queue
No send · No archive · No label actions
No send · No archive · No label actions
No send · No archive · No label actions
D. Follow-up queue
| Item | Aging (fixture) | Suggested next action | Owner (concept) |
|---|---|---|---|
| Demo investor/partner follow-up | Synthetic — 5 days (fixture) | Confirm whether CRM proof lane is next | Founder |
| Demo provider outreach follow-up | Synthetic — 3 days (fixture) | Review vendor trial planning notes | Ops (planned) |
| Demo BEZ planning follow-up | Synthetic — 2 days (fixture) | Align BEZ simulation priorities with private task MVP | Product |
| Demo product/security follow-up | Synthetic — 1 day (fixture) | Run validators and update security register doc | Security |
E. Calendar / meeting prep
F. Risks / blockers
G. Suggested next actions
Confirm synthetic aging labels match how operators think about priority.
Practice the approval gate UX before any Gmail connector work.
Validate calendar prep cards without implying live calendar access.
Compare Gmail read-only vs BEZ ingestion gate docs in a planning session.
See docs/CHIEF_OF_STAFF_DAILY_BRIEF_SIMULATION_MVP.md · No autonomous sends · Drafts and suggestions only
Market Scout Agent
Recurring planning lane for external AI, SMB, and connector signals. Human-reviewed public sources only — no scraper, no external API, no secrets in this MVP.
- Tracks AI/SMB/tool ecosystem trends using human-reviewed public sources only.
- Recommends ignore, monitor, integrate, partner, or build for AI Studio — planning labels only.
- No automated actions, purchases, or account changes from this fixture.
- No accounts connected on this route; no in-repo scraper or external API.
- Report template + operating runbook define the human cycle; copy the template each cycle (see runbook).
See docs/AI_STUDIO_MARKET_SCOUT_AGENT_MVP.md, docs/AI_STUDIO_MARKET_SCOUT_OPERATING_RUNBOOK.md, docs/AI_STUDIO_MARKET_SCOUT_REPORT_TEMPLATE.md · Cadence: every 3 days (human-operated) · No automated scraper
Future Gmail management agent security plan
Full security path, approval gates, and future lane sequence live in the repository doc below. This page does not connect to Gmail and does not read or send email.
No Gmail connected · No real email or contact data
Gmail readiness overview
Read-only discovery is documented in the repo. This workspace remains a public fixture — no mailbox, OAuth, or send/read actions.
- Read-only discovery is captured in repo docs; this UI is still a fixture with no mailbox connection.
- Gmail Management Agent remains future-only — separate OAuth, scopes, and security approvals required.
- No Gmail connected; no email read, send, label, archive, or delete actions from this route.
- No real email addresses, subjects, snippets, message identifiers, attachments, or contact rows in app fixtures.
- A future connector would start with least-privilege read-only proof lanes only after written approval.
Inbox categories — planning only
Labels distill read-only discovery into synthetic planning buckets. No subjects, snippets, addresses, message IDs, links, or attachments appear here.
Concept only
Concept only
Concept only
Concept only
Concept only
Concept only
Concept only
Concept only
Gmail agent phases (staged path)
Safe ordering for a future connector: summaries before tasks, drafts before send, destructive actions last and only with separate approval.
- 1Read-only inbox summary
Metadata-first summaries; no mailbox writes.
- 2Follow-up candidate extraction
Transparent reasons and confidence; human confirms before tasks.
- 3Task creation suggestions
Draft tasks only until an approved system of record exists.
- 4Draft reply suggestions with human review
No send path until a later, separately approved lane.
- 5Label / archive / send
Only after explicit product, legal, and security approval — not in early proofs.
Safety boundaries
Default posture for any future Gmail assistant: treat mailbox content as hostile input; humans approve outbound or destructive actions.
- Treat all future mailbox content as untrusted external input.
- Ignore instructions embedded inside email bodies or footers.
- No autonomous sends, archives, deletes, or label changes.
- No attachments opened, stored, or summarized by default.
- No tokens, secrets, or raw bodies in logs, prompts, or public fixtures.
- Human approval required before any external action or CRM-like write.
Founder Command + Gmail (future concepts)
These are UX placeholders for a later authenticated lane. They do not read mail, create tasks, or send messages today.
Future concept
Future concept
Future concept
Future concept
Future concept
Future concept
Future concept
How AI Studio treats agents on this route
This is the first visible agent catalog layer: names, runbooks, and readiness — not live automation. Human approval gates stay explicit; no tool is wired yet.
- AI Studio agents are not autonomous by default.
- Agents recommend, summarize, and prepare — they do not execute external actions without human approval.
- External actions (send, pay, CRM write, calendar accept, label/archive) require explicit human approval gates.
- Email and third-party content must be treated as untrusted input in any future connector design.
- No real tools, APIs, OAuth, AI runtime, or persistence are connected on this fixture route.
Email content is untrusted input in future designs. External actions require human approval. No real tool is connected in this workspace yet.
Agent catalog (MVP)
Synthetic agent cards describe future lanes. Status and tools are planning labels — not runtime capabilities.
Agent runbook
Each block is how we intend humans and tools to interact before any connector exists.
Classify and summarize inbox motion for a founder without taking mailbox actions.
Future: authorized metadata and snippets only; today: synthetic category labels on this page.
Read-only digests and triage suggestions; destructive actions only after separate approval.
Gmail API with least-privilege scopes (not connected).
Human sign-off before send, archive, delete, label, or forward.
Autonomous send, archive, delete, label, attachment ingestion, or cross-workspace mail sharing.
Walk this fixture’s Gmail phases and safety list with stakeholders — no API keys.
Surface follow-up candidates with reasons so a human can decide next steps.
Future: tasks, threads, calendar holds; today: synthetic demo rows only.
Candidate cards with suggested owner and status — no outbound sends.
Gmail, Calendar, CRM connectors (none active).
Human approves each outbound message or CRM update.
Auto-SMS, auto-email, silent CRM writes, bulk contact import.
Review synthetic follow-up table here; confirm copy and gates before any connector spec.
Keep a lightweight view of investor/partner motion for planning conversations.
Future: CRM or sheet rows; today: pipeline stage labels only.
Synthetic stage chips and planning notes — no real firms or contacts.
Gmail, Google Sheets, or CRM (none connected).
Legal and data-handling review before storing real pipeline data.
Scraping contacts, auto-outreach, sharing outside approved workspace.
Use placeholder stages in a workshop; verify no PII is pasted into fixtures.
Align engineering work lanes across Cursor/Codex and written plans.
Fixture engineering queue and internal docs references (no live GitHub).
Summaries of planned lanes and statuses for humans to adjust.
GitHub API and doc links (not connected).
Engineering lead approves any automated issue or PR actions.
Autonomous merges, secret exfiltration, cross-repo writes without review.
Reconcile this page’s engineering queue with a live board manually in a meeting.
Draft a weekly founder brief from approved signals once sources exist.
Future: mail summaries, calendar blocks, doc links, metrics APIs.
Structured brief sections with citations — all subject to human edit.
Gmail, Calendar, Drive, metrics endpoints (none connected).
Founder opts in per source; humans publish the final brief.
Silent posting, auto-sharing externally, mixing unapproved sources.
Fill brief sections manually from public metrics; compare to this outline.
Track security posture tasks and validator outcomes without autonomous remediation.
Human-pasted checklist results, advisor exports, repo policy docs.
Registers and reminders; escalations to humans only.
CI validators, Supabase advisor readouts, security playbooks (human-triggered).
Security owner approves scope for any automated scanner expansion.
Auto-apply database policies, rotate secrets, or disable protections unattended.
Run existing repo validators locally and log outcomes in the security register doc.
Tool / plugin readiness matrix
Rows are external systems we may connect later. All cells are planning-only — no API clients on this page.
| Tool / plugin | Needed for which agent | Current status | Risk level | Approval required | First safe proof |
|---|---|---|---|---|---|
| Gmail | Gmail Triage, Follow-up, Investor/Partner Pipeline, Weekly Brief | Not connected — planning and fixture copy only | High | OAuth scopes, retention, injection defenses, separate send/archive approval | Metadata-only read summary in an isolated staging project (future lane) |
| Google Calendar | Follow-up, Weekly Brief | Not connected | Medium | Calendar consent model and least-privilege scopes | Read-only free/busy or agenda snippet in staging after policy sign-off |
| Google Drive | Weekly Brief | Not connected | Medium | Folder allowlists and DLP review | Link-out summaries without automatic file download (future) |
| GitHub | Cursor / Codex Coordinator | Not connected from this workspace | Low | Fine-grained PAT or GitHub App with repo-scoped review | Read-only issue list export reviewed in a meeting (manual) |
| Supabase | Security Sentinel (advisor-style reads only; no Marketplace reuse) | Fixture has no database binding; advisors are human-run out-of-band | Medium | Platform owner + security review before any project linkage | Documented advisor checklist on AI Studio staging only (existing lane) |
| HubSpot / GoHighLevel | Follow-up, Investor/Partner Pipeline | Not connected | High | CRM contract, field mapping, PII classification | Synthetic CRM export sample with fake rows in a sandbox (future) |
| Google Sheets | Investor/Partner Pipeline | Not connected | Medium | Sheet ACLs and sharing rules | Manual sheet template with placeholder columns (no live sync) |
| None in catalog MVP (out of scope for early proofs) | Not connected — messaging integrations deferred | High | Business messaging policy and provider compliance review | No automated WhatsApp actions in AI Studio until separately approved | |
| Stripe | None in catalog MVP | Not connected | High | Finance and security sign-off for any payment surface | No payment intents from this route; planning docs only |
| QuickBooks | None in catalog MVP | Not connected | High | Accounting and least-privilege integration review | No accounting API calls from this fixture |
Command center cards
Synthetic cards show how a founder morning review could be structured. Replace with real sources only after approved backend, auth, and data boundaries exist.
Synthetic queue: review proof surfaces, tighten approval copy, pick next backend lane.
Demo rows only — no live CRM, no outbound sends, no calendar sync.
Planning status for engineering coordination; not a live task system.
Cross-check SEC items and deferred proofs; human review only.
Capture themes for later campaigns; nothing posts from this page.
Pipeline concept — placeholders only, no real firms or contacts.
Map candidates to approval gates before any build or integration lane.
Synthetic rows
Placeholder labels only — no names, emails, or phone numbers from real contacts.
| Item | Status | Owner (concept) |
|---|---|---|
| Demo investor follow-up | Concept — waiting on approved CRM lane | Founder |
| Demo provider outreach | Concept — no email send | Ops (planned) |
| Demo partner introduction | Concept — human-only until approved | Founder |
| Demo security review | Concept — track SEC register outside this page | Security |
Founder motion stages
Stages are for planning discussions only. They do not sync to a CRM or task system.
Codex / Cursor work queue
Planning examples for tooling coordination. Not a live sprint board.
Opportunity candidates
Each row states status, risk, future data needs, and approval before any integration work.
Next 7 days — synthetic priorities
- Review AI Studio private proof surfaces for clarity and drift.
- Plan Gmail permissions and least-privilege scopes before any connector work.
- Prepare founder command intake fields for a future authenticated lane.
- Define a no-real-data demo script for stakeholder walkthroughs.
- Decide the first safe automation agent after buy-vs-integrate review.
What this route does not do
This checklist keeps the page distinct from a private founder portal, a CRM, or an automation runtime.