# Requirements: Konstruct **Defined:** 2026-03-23 **Core Value:** An AI employee that works in the channels your team already uses — no new tools to learn, no dashboards to check, just a capable coworker in Slack or WhatsApp. ## v1 Requirements Requirements for beta-ready release. Each maps to roadmap phases. ### Channel Infrastructure - [x] **CHAN-01**: Channel Gateway normalizes messages from all channels into unified KonstructMessage format - [x] **CHAN-02**: User can interact with AI employee via Slack (Events API — @mentions, DMs, thread replies) - [x] **CHAN-03**: User can interact with AI employee via WhatsApp Business Cloud API - [x] **CHAN-04**: WhatsApp adapter enforces business-function scoping per Meta 2026 policy - [x] **CHAN-05**: Platform rate-limits requests per tenant and per channel with configurable thresholds ### Agent Core - [x] **AGNT-01**: Tenant can configure a single AI employee with custom name, role, and persona - [x] **AGNT-02**: Agent maintains conversational memory within sessions (sliding window) - [x] **AGNT-03**: Agent retrieves relevant past context via vector search (pgvector long-term memory) - [x] **AGNT-04**: Agent can invoke registered tools to perform actions (tool registry + execution) - [x] **AGNT-05**: Agent escalates to human when configured rules trigger, transferring full conversation context - [x] **AGNT-06**: Every agent action (LLM call, tool invocation, handoff) is logged in an audit trail - [x] **AGNT-07**: Agent token usage is tracked per-agent per-tenant with configurable budget limits ### LLM Backend - [x] **LLM-01**: LiteLLM router abstracts LLM provider selection with fallback routing - [x] **LLM-02**: Platform supports Ollama (local) and commercial APIs (Anthropic, OpenAI) as LLM providers - [x] **LLM-03**: Tenant can provide their own API keys for supported LLM providers (BYO keys, encrypted at rest) ### Multi-Tenancy & Security - [x] **TNNT-01**: All tenant data is isolated via PostgreSQL Row Level Security - [x] **TNNT-02**: Inbound messages are resolved to the correct tenant via channel metadata - [x] **TNNT-03**: Per-tenant Redis namespace isolation for cache and session state - [x] **TNNT-04**: All data encrypted at rest (PostgreSQL, object storage) and in transit (TLS 1.3) ### Admin Portal - [x] **PRTA-01**: Operator can create, view, update, and delete tenants - [x] **PRTA-02**: Operator can design agents via a dedicated Agent Designer module — defining job description, statement of work, persona, system prompt, tool assignments, and escalation rules - [x] **PRTA-03**: Operator can connect messaging channels (Slack, WhatsApp) via guided wizard - [x] **PRTA-04**: New tenants are guided through structured onboarding (connect channel, configure agent, test message) - [x] **PRTA-05**: Operator can manage subscription plans and billing via Stripe integration - [x] **PRTA-06**: Portal displays agent cost tracking and usage metrics per tenant ### RBAC & User Management - [x] **RBAC-01**: Platform admin role with full access to all tenants, agents, users, and platform settings - [x] **RBAC-02**: Customer admin role scoped to a single tenant with full control over agents, channels, billing, API keys, and user management - [x] **RBAC-03**: Customer operator role scoped to a single tenant with read-only access to agents, conversations, and usage dashboards - [x] **RBAC-04**: Customer admin can invite users (admin or operator) by email — invitee receives activation link to set password and enable access - [x] **RBAC-05**: Portal navigation, pages, and UI elements adapt based on user role (platform admin sees tenant picker, customer admin sees their tenant, operator sees read-only views) - [x] **RBAC-06**: API endpoints enforce role-based authorization — unauthorized actions return 403 Forbidden, not just hidden UI ### Employee Design - [x] **EMPL-01**: Multi-step wizard guides user through AI employee creation (role definition, persona, tools, channels, escalation rules) without requiring knowledge of system prompt format - [x] **EMPL-02**: Pre-built agent templates (e.g., Customer Support Rep, Sales Assistant, Office Manager) available for one-click deployment with sensible defaults - [x] **EMPL-03**: Template-deployed agents are immediately functional — respond in connected channels with the template's persona, tools, and escalation rules - [x] **EMPL-04**: Wizard and templates accessible to platform admins and customer admins (RBAC-enforced, not operators) - [x] **EMPL-05**: Agents created via wizard or template appear in Agent Designer for further customization ## v2 Requirements Deferred to future release. Tracked but not in current roadmap. ### Channel Expansion - **CHAN-06**: User can interact with AI employee via Microsoft Teams - **CHAN-07**: User can interact with AI employee via Mattermost - **CHAN-08**: User can interact with AI employee via Telegram ### Agent Advanced - **AGNT-08**: Same agent maintains unified memory across Slack and WhatsApp (cross-channel identity) - **AGNT-09**: Agent detects negative sentiment and proactively escalates before user requests it - **AGNT-10**: Pre-built tool integrations for common SMB tools (Zendesk, HubSpot, Google Calendar) ### Multi-Agent Teams - **TEAM-01**: Coordinator agent routes inbound messages to specialist agents - **TEAM-02**: Specialist agents execute domain-specific tasks and return results to coordinator - **TEAM-03**: All inter-agent communication logged for audit ### Enterprise - **ENTR-01**: Schema-per-tenant isolation for Team tier - **ENTR-02**: Self-hosted deployment via Helm chart and Docker Compose - **ENTR-03**: Agent marketplace with pre-built role templates ## Out of Scope | Feature | Reason | |---------|--------| | Voice/telephony channels (Twilio) | Completely different tech stack and regulatory environment; validate messaging first | | Open-ended general-purpose WhatsApp bot | Banned by Meta (Jan 2026 policy); agents must serve specific business functions | | Real-time token streaming in chat | Slack/WhatsApp don't support partial message streaming; zero user benefit | | Full no-code visual agent builder (drag-and-drop) | Agent Designer covers structured text-based configuration; visual flow builders are premature | | Cross-tenant agent communication | Security/isolation violation; no compliance framework supports it | | Dashboard-first UX for end users | Defeats core value proposition; agent interactions stay in messaging channels | | White-labeling for agencies | Secondary market; validate direct SMB first | | AI company hierarchy (teams of teams) | Requires proven multi-agent foundation; v3+ | | SOC 2 / HIPAA compliance | Post-revenue; self-hosted option covers compliance-sensitive customers | ## Traceability Which phases cover which requirements. Updated during roadmap creation. | Requirement | Phase | Status | |-------------|-------|--------| | CHAN-01 | Phase 1 | Complete | | CHAN-02 | Phase 1 | Complete | | CHAN-03 | Phase 2 | Complete | | CHAN-04 | Phase 2 | Complete | | CHAN-05 | Phase 1 | Complete | | AGNT-01 | Phase 1 | Complete | | AGNT-02 | Phase 2 | Complete | | AGNT-03 | Phase 2 | Complete | | AGNT-04 | Phase 2 | Complete | | AGNT-05 | Phase 2 | Complete | | AGNT-06 | Phase 2 | Complete | | AGNT-07 | Phase 3 | Complete | | LLM-01 | Phase 1 | Complete | | LLM-02 | Phase 1 | Complete | | LLM-03 | Phase 3 | Complete | | TNNT-01 | Phase 1 | Complete | | TNNT-02 | Phase 1 | Complete | | TNNT-03 | Phase 1 | Complete | | TNNT-04 | Phase 1 | Complete | | PRTA-01 | Phase 1 | Complete | | PRTA-02 | Phase 1 | Complete | | PRTA-03 | Phase 3 | Complete | | PRTA-04 | Phase 3 | Complete | | PRTA-05 | Phase 3 | Complete | | PRTA-06 | Phase 3 | Complete | | RBAC-01 | Phase 4 | Complete | | RBAC-02 | Phase 4 | Complete | | RBAC-03 | Phase 4 | Complete | | RBAC-04 | Phase 4 | Complete | | RBAC-05 | Phase 4 | Complete | | RBAC-06 | Phase 4 | Complete | | EMPL-01 | Phase 5 | Complete | | EMPL-02 | Phase 5 | Complete | | EMPL-03 | Phase 5 | Complete | | EMPL-04 | Phase 5 | Complete | | EMPL-05 | Phase 5 | Complete | **Coverage:** - v1 requirements: 25 total (all complete) - RBAC requirements: 6 total (Phase 4, all complete) - Employee Design requirements: 5 total (Phase 5) --- *Requirements defined: 2026-03-23* *Last updated: 2026-03-23 after roadmap creation — traceability complete*