Connectors get keys, agents get hands
Credential onboarding lands — paste a token or run one Google OAuth consent and your connectors sync for real. And agents gain propose_action: CRM updates and emails proposed with confidence scores, gated behind your review queue.
Three releases today (v1.45–v1.47) close the gap between having connectors and using them —
and give agents a governed way to act on what they learn.
Credentials without psql (v1.45)
Every source that needs auth now has a Connect button on /dashboard/sources: paste a HubSpot
private-app token or a Slack bot token, and it's AES-GCM-encrypted into the vault — plaintext never
touches the DB or logs. Headless installs use the CLI:
npm run creds:set -- --project acme --source hubspot --token pat-na1-…
Credentials are per-connector (v1.46): one HubSpot token serves your deals, contacts, and companies sources alike. Each source tile shows what it pulls and what it has — object type + "N documents ingested".
Durable Google auth (v1.47)
Google access tokens die hourly, so pasting one was a stopgap. Now a one-time consent flow stores a refresh token and connectors mint fresh access tokens per run, automatically:
npm run google:oauth -- --project acme --client-id … --client-secret … --sources gmail,drive
Gmail (read + gated send), Drive, and GA4 stay connected indefinitely.
propose_action: recommendations with confidence (v1.47)
Agents get hands — safely. The new propose_action tool lets an agent propose any registered
connector write (hubspot.update, gmail.send) carrying a confidence score (0–1), a rationale,
and evidence links. The proposal rides the authz gate into the unified review queue as a pending
run: the agent recommends, a human decides. Approve and it executes with vault credentials;
reject and that's signal too.
This is the substrate for the pattern we're running internally: agents sweep the last 48 hours of mail, detect what moved a deal forward or backward, and queue the CRM updates — start dates, next actions, values, probabilities — each scored, each awaiting a human click. Decisions accumulate toward a trust ladder where well-proven update types graduate from recommended to automated.
Also in this cut: workspace:apply --project <id|slug> binds authored workspaces straight to a
project (no more placeholder-org re-keying), a sync:source CLI for backfills with progress, and a
green CI so GitHub Releases cut automatically again.
See Connecting sources and Actions.