This document closes public issue #3: Document transcript provenance and retention controls for private enterprise video knowledge.
It provides concrete agentic-enterprise evidence for KnowledgeStream Hub. The repo remains independent: it is not an AAIF project, not a Linux Foundation project, and not endorsed by either organization.
Private video ingestion, transcript generation, transcript correction, semantic indexing, search-answer generation, access-controlled sharing, retention changes, and recording export.
| Actor | Responsibility |
|---|---|
| Content owner | Owns recording classification, audience, retention class, and sharing scope. |
| Knowledge reviewer | Reviews transcripts, tags, summaries, and searchable snippets. |
| AI knowledge assistant | Proposes transcripts, summaries, tags, and search answers. |
| Search/index provider | Stores or retrieves transcript chunks under approved scopes. |
| Maintainer | Reviews provenance, retention, provider fallback, and audit evidence. |
- Recording ownership, viewer access, transcript reviewer authority, and AI assistant capability must be separate.
- The AI knowledge assistant cannot widen audience, bypass retention, or approve transcript publication.
- Every recording and transcript must preserve source, owner, classification, retention, provider, and reviewer state.
- Provider credentials, private transcript text, and restricted recordings must never be exposed in public prompts or examples.
| Action | Boundary |
|---|---|
| ingest_recording | Allowed only with declared owner, classification, source, and retention class. |
| generate_transcript | Requires access check and provider-scope decision. |
| index_transcript | Allowed only for approved transcript chunks and declared retention. |
| answer_from_video | Must return provenance and respect viewer authorization. |
| export_recording | Requires content-owner approval and retention/audience recheck. |
- Before publishing transcripts or summaries for executive, HR, legal, customer, or regulated recordings.
- Before widening video or transcript audience.
- Before exporting recordings or transcript packages outside the workspace.
- Before changing retention class, legal hold, or deletion policy.
- Before changing transcript/search providers for restricted content.
| Event | Minimum Evidence |
|---|---|
| recording.ingested | recording id, owner, source, classification, retention |
| transcript.generated | recording id, provider, model, language, reviewer state |
| transcript.indexed | transcript id, index id, chunk policy, retention class |
| video_answer.generated | query hash, viewer, source chunks, authorization decision |
| recording.exported | recording id, destination, approver, retention state |
bun installto prove dependency resolution.bun run lintto prove static project health.bun run testfor transcript, search, retention, and audit fixtures when available.bun run buildto prove the application compiles.- Use synthetic recordings and redacted transcript fixtures in public proof.
- Use Whisper-compatible local transcription for public examples where feasible.
- Use PostgreSQL, SQLite, or local vector stores for transcript/search fixtures.
- Use S3-compatible storage such as MinIO for local recording storage.
- Keep hosted transcription, search, analytics, and storage providers behind explicit adapters.
Add a small transcript fixture that maps recording owner, classification, transcript provider, index policy, viewer authorization, and export approval.
This document satisfies the issue checklist by separating:
- identity or actor boundary
- tool/provider/action boundary
- human approval or escalation point
- audit or observability events
- OSS/self-hosted fallback direction
- validation and static inspection path