Flow Profile treats AI as an optional, pluggable layer. The core product works entirely without AI, and all AI integration happens after redaction and deterministic bundle generation.
- Optional by default: The app is fully usable with AI disabled.
- Redaction first: AI only receives the sanitized bundle outputs.
- Model agnostic: One stable adapter interface, multiple providers.
- Transparent inputs/outputs: Users can inspect exactly what is sent and what returns.
- Fail closed: AI errors never block exports or core functionality.
generateSuggestions(bundle, options) -> { suggestions, evidenceRefs }
Where:
bundleis the deterministic, redacted context bundleoptionsincludes provider config, timeouts, and limitssuggestionsis a provider-agnostic list of recommendation itemsevidenceRefspoints back to bundle sections for traceability
- Parse flows
- Expand subflows
- Redact secrets
- Detect risks
- Budget tokens
- Generate outputs (bundle artifacts)
- Optional: AI adapter consumes the bundle and returns suggestions
- Timeouts return an empty suggestion set.
- Errors are surfaced in UI without blocking exports.
- The bundle remains the source of truth.
- Adapter interfaces and stubs:
packages/ai - UI integration:
apps/web(AI panel consumes adapter output)
- Automatic external calls without explicit user intent
- Provider-specific UI that locks the product to one model
- Hidden prompts or opaque transformations