Operational security for AI-governed commerce

Every action JawaBee proposes passes through a governance layer — approval queues, policy limits, tool allowlists, and immutable audit logs.

  • Human approval required for sensitive operations
  • Merchant-defined policy limits enforced at runtime
  • Immutable audit trail by default

Six layers of operational security

Approval model

Every AI-proposed action enters a review queue before execution. Refunds, cancellations, and discounts always require explicit human sign-off — no action executes until a merchant approves it.


Policy limits

Hard runtime limits on amounts, frequencies, and action types. A max coupon value of 50 SAR, set once, cannot be exceeded by the AI — even under ambiguous or edge-case instructions.


Tool allowlist

JawaBee can only invoke tools you have explicitly allowlisted. No open API access. No undeclared side effects. The AI cannot take an action that isn't on your approved list.

  • reply_customer
  • create_coupon
  • update_order
  • + 3 more allowed

Audit log

Every proposed action, approval decision, and execution is appended to an immutable audit log — timestamped, correlated by request ID, and fully retrievable for compliance or operational review.

  • 10:42 policy.eval → allow
  • 10:41 approval.approved
  • 10:39 action.executed

Tenant isolation

Each merchant operates in a fully isolated environment. No shared database connections, no cross-tenant queries — customer data cannot leak between workspaces by design.


Secrets Management

API keys and credentials are stored via vault references — never in plaintext in logs, databases, or AI context windows. Secrets never appear in JawaBee's reasoning trace.

  • SALLA_API_KEY → vault://salla/api_key (encrypted at rest)

Security Monitor

Live operational view of your security and governance posture

  • System Status: Operational
  • Policy Engine: Active
  • Audit Pipeline: Healthy
  • Integrations Health: 3/3 Connected
  • Last compliance snapshot: Ready

Activity Stream

  • 10:42:31 policy.eval: allow
  • 10:41:18 approval.approved: order status update
  • 10:39:55 action.executed: whatsapp reply sent
  • 10:38:10 audit.appended: correlation_id linked

Your customer data remains isolated, encrypted, and fully controlled by your workspace.

  • Customer data is never sold or shared with third parties
  • Store data is never used to train general AI models
  • All data encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Data retention periods are merchant-controlled and configurable

Only low-risk operations execute automatically under merchant-defined policies.

  • Order status and shipping notifications
  • Product and policy information replies
  • Discount coupons within merchant-defined limits

Sensitive operations require explicit human approval before execution.

  • Refunds and order cancellations
  • Discounts exceeding policy thresholds
  • Any action flagged high-risk by the policy engine
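
As an added illustration of the routing described in the two lists above (not JawaBee's own code): a minimal policy gate that denies tools off the allowlist, queues sensitive or over-limit actions for approval, allows the rest, and records each decision in a hash-chained log. The tool names `refund_order` and `cancel_order`, the `amount_sar` field, and the hash chain as the way to make the log tamper-evident are assumptions.

```python
import hashlib, json, math

# Tool names reply_customer/create_coupon/update_order and the 50 SAR cap are
# from the page; refund_order and cancel_order are hypothetical names.
ALLOWLIST = {"reply_customer", "create_coupon", "update_order",
             "refund_order", "cancel_order"}
ALWAYS_APPROVE = {"refund_order", "cancel_order"}
MAX_COUPON_SAR = 50


def evaluate(tool, args):
    """Return 'allow', 'needs_approval' or 'deny' for one proposed action."""
    if tool not in ALLOWLIST:
        return "deny"                      # not allowlisted: never runs
    if tool in ALWAYS_APPROVE:
        return "needs_approval"            # sensitive: human sign-off first
    if tool == "create_coupon":
        amount = args.get("amount_sar")    # assumed field name
        valid = (isinstance(amount, (int, float)) and not isinstance(amount, bool)
                 and math.isfinite(amount) and amount > 0)
        if not valid:
            return "deny"                  # fail closed on malformed amounts
        if amount > MAX_COUPON_SAR:
            return "needs_approval"        # over the merchant's threshold
    return "allow"


class AuditLog:
    """Append-only log; each entry commits to the previous entry's hash."""
    FIELDS = ("correlation_id", "event", "detail", "prev")

    def __init__(self):
        self.entries = []

    @staticmethod
    def _digest(body):
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def append(self, correlation_id, event, detail):
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        body = dict(zip(self.FIELDS, (correlation_id, event, detail, prev)))
        self.entries.append({**body, "hash": self._digest(body)})

    def verify(self):
        prev = "0" * 64
        for e in self.entries:
            if e["prev"] != prev or e["hash"] != self._digest({k: e[k] for k in self.FIELDS}):
                return False               # entry edited, removed or reordered
            prev = e["hash"]
        return True


def propose(log, correlation_id, tool, args):
    decision = evaluate(tool, args)
    log.append(correlation_id, "policy.eval", {"tool": tool, "decision": decision})
    return decision
```

Timestamps are left out of the entries so the sample stays deterministic; a production log would also need append-only storage outside the application's write path.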

Compliance & Standards

  • Designed for PDPL Compliance
  • Data Encrypted at Rest & in Transit
  • AES-256 Encryption
  • Workspace-Level Data Isolation