Field notes: Sharing an AI workflow without hidden authority
HUMΛN Team··6 min·Developers + security
The anti-pattern
“Share this folder / zip / API key bundle” is how shadow IT grows. The recipient gets capability without visibility: they can act, but cannot explain authority.
The HAIO answer
Governed Workflow Bundles are marketplace assets (humanos.bundle.v1) that:
- List members (agents, connectors, workflows, muscles) in deterministic install order.
- Route agent members through
installMarketplaceAsset, which creates org-scoped agent passports and constrained delegations (issueInstallDelegation). - Surface preset effects (risk ceiling, rate limits) in install preview before any mutation.
There is no supported path that smuggles long-lived secrets as “part of the bundle.” Connectors integrate through the connector install path; humans stay in the loop for gated scopes.
Before vs after
| Zip of secrets | Governed bundle |
|---|---|
| Opaque trust | Manifest + marketplace rows + review |
| Hard to revoke | Delegation grant + uninstall / compensate flows |
| Tribal knowledge | Preview API + CP wizard |
Implementation evidence
apps/api/src/services/install-bundle.ts— bundle orchestration + rollback on failure.apps/api/src/services/install-marketplace-asset.ts— KB 153 install flow.POST /v1/control-plane/marketplace/install/preview— operator-facing summary.
Share the asset id and trust tier, not a bag of keys.