Knogin
[Developers]

AI Builder Partner, Workflow Canvas Co-Pilot

The AI Builder Partner is a human-in-the-loop design co-pilot embedded directly in the visual workflow canvas, turning plain-English intent into validated, reviewable flow proposals that nobody applies until you accept t

Back to All Modules
Category: AiLast Updated: May 26, 2026
aicompliance

Overview#

The AI Builder Partner is a human-in-the-loop design co-pilot embedded directly in the visual workflow canvas, turning plain-English intent into validated, reviewable flow proposals that nobody applies until you accept them.

Platform builders and operations analysts spend a great deal of their time wiring up workflows, security playbooks, and alert-triage flows node by node, then hunting for the gaps before they publish. The Builder Partner compresses that effort. Describe what you want in ordinary language and receive a structured flow ready for review, ask the co-pilot to finish a skeleton you started, or request a lint-style critique that flags weak spots before anything goes live. Every response is a proposal shown on the canvas side-panel for you to accept or reject, so the design always reflects a deliberate human decision rather than an automated guess.

Because the co-pilot also works in reverse, generating clear written summaries of any flow on demand, teams get documentation and handover notes for free. The result is faster design, fewer errors, and artefacts that are easier to explain to colleagues, auditors, and new joiners, all without leaving the canvas.

Key Features#

  • Plain-English to validated flow: Describe a workflow or playbook in everyday language and receive a structured, validated graph of nodes and connections, complete with a confidence score and any assumptions the co-pilot flagged as warnings. Available on the premium tier.

  • Voice-driven design: Speak your intent and the co-pilot transcribes the audio, shows you the transcript for confirmation, then turns it into a flow proposal, so designers can sketch ideas hands-free or in the field.

  • Skeleton completion: Start a partial flow and ask the co-pilot to fill in the missing nodes and connections needed to make it operational. Existing nodes and connections are always preserved, and every addition is itemised in a plain list of changes.

  • Next-node suggestions: Get the top candidate next steps for wherever you are on the canvas, each with a one-line rationale and a confidence value, so you can extend a design without breaking flow.

  • Lint-style critique: Run a strict quality review that returns issues graded by severity, each with a clear explanation and a concrete fix, catching security, correctness, completeness, and best-practice problems before you publish.

  • Plain-English explanations: Produce a concise written summary of what any flow actually does, ideal for handover, documentation, and review, plus a fuller written description for non-technical audiences.

  • Strictly human-in-the-loop: Every operation returns a proposal only. Nothing is ever applied automatically. Acceptance is an explicit, separate action recorded distinctly from the original generation.

  • Multi-artefact coverage: One co-pilot supports five canvas types: workflows, security playbooks, alert-triage flows, threat models, and investigation storyboards, each with its own vocabulary of valid node types.

  • Full provenance on every call: Each operation records the model used, a prompt fingerprint, token count, cost, and confidence, giving teams a complete and tamper-evident trail of what was generated and what was accepted.

  • Cost-aware model routing: Work is matched to the right-sized model automatically, escalating from a lightweight model for explanations and descriptions, through fast and mid-weight models for suggestions and critique, up to the largest model for plain-English-to-flow conversion.

Use Cases#

Platform Builders and Integration Teams#

Compose automation workflows that wire triggers, conditions, transforms, and downstream actions together. Start a skeleton, let the co-pilot complete it, then read back a generated explanation to confirm the logic matches the intended business process before publishing.

Security Operations and SOC Analysts#

Design security playbooks that enrich, notify, escalate, and close, and build alert-triage flows that ingest, score, suppress noise, and open cases. Run a critique pass to surface missing escalation paths or unsafe steps before the playbook ever fires in production.

Threat Modelling and Risk Teams#

Lay out threat models linking actors, assets, threats, controls, and vulnerabilities on the canvas, then ask for a critique to highlight gaps in coverage and a plain-English summary for sharing with stakeholders.

Investigations and Casework#

Assemble investigation storyboards that sequence phases, findings, evidence, and timeline events. Dictate the outline by voice in the field, review the transcript and proposed structure, and accept only what fits the case.

Documentation and Handover#

Any team can turn an existing flow into clear written prose on demand, producing onboarding material, audit narratives, and change-review notes without manual rewriting.

Integration#

The Builder Partner is exposed through the platform GraphQL surface as a set of design-assist operations the canvas calls directly: top-K next-node candidates, skeleton completion, lint-style review, plain-English explanation, description-to-flow conversion on the premium tier, flow-to-description conversion, and a voice path that transcribes spoken audio before conversion. A dedicated acceptance operation records when a designer applies a proposal, keeping generation and acceptance as separate, distinguishable events.

Access is governed by the platform OAuth2 and JWT session model, with fine-grained authorisation checks ensuring only users with write access to workflow definitions can invoke the co-pilot. Flows are exchanged as plain JSON graph documents of nodes and connections, so any frontend canvas, scripted client, or partner tool that can speak JSON can plug in. Generated proposals flow back into the same canvas the designer already uses, and accepted suggestions, along with their full provenance, are written to the platform's immutable audit log alongside the rest of the organisation's activity.

Speech input is handled by an open transcription model, and the normalised flow document model means a workflow drafted by voice, by plain English, or by hand all share one consistent shape that downstream publishing and execution services already understand.

Open Standards#

  • GraphQL (https://spec.graphql.org/): the entire design-assist API is delivered over a standards-compliant GraphQL schema, so clients use one well-defined contract for every operation.
  • JSON / RFC 8259 (https://www.rfc-editor.org/rfc/rfc8259): flow graphs are exchanged as plain JSON documents of nodes and connections, the universal interchange format for the canvas and any integrating tool.
  • OAuth 2.0 / RFC 6749 (https://www.rfc-editor.org/rfc/rfc6749): sessions are established through the platform OAuth2 model before any co-pilot operation is permitted.
  • JSON Web Token (JWT) / RFC 7519 (https://www.rfc-editor.org/rfc/rfc7519): authenticated calls carry signed JWT session credentials for verifiable, stateless authorisation.
  • Directed Acyclic Graph (DAG): every workflow, playbook, and storyboard is modelled as a DAG of nodes and connections, the standard structure for dependency-ordered automation.
  • Whisper speech-to-text: voice-driven design uses the open Whisper transcription model to convert spoken audio into text before flow generation.
  • SHA-256 / FIPS 180-4 (https://csrc.nist.gov/pubs/fips/180-4/final): each operation records a SHA-256 prompt fingerprint, giving a stable, verifiable reference to the exact request in the audit trail.

Security & Compliance#

Every operation is strictly human-in-the-loop. The co-pilot only ever returns proposals, and no generated change is applied to an artefact without an explicit, separately recorded acceptance by the user. Authorisation is enforced before each call: a user must hold write access to workflow definitions, scoped to their own organisation, and requests are validated and bounded (including a hard cap on graph size) before any model is invoked.

Provenance is comprehensive. Each generation records the model used, a prompt fingerprint, token count, cost, and confidence, and each acceptance is logged as a distinct event with the same provenance, so reviewers can always tell what was proposed, by which model, at what cost, and what a human chose to apply. All of this is written to the organisation's immutable audit log, supporting accountability, cost governance, and compliance review.

Last Reviewed: 2026-05-26 Last Updated: 2026-05-26

Ready to Build?

Get started with our APIs or contact our integration team for support.