This document closes public issue #3: Add a support-answer provenance checklist that separates retrieval evidence from generated text.
It provides concrete agentic-enterprise evidence for SupportDesk Intelligence. The repo remains independent: it is not an AAIF project, not a Linux Foundation project, and not endorsed by either organization.
AI-generated customer-support answers that cite knowledge sources, summarize user data, escalate tickets, or suggest account actions.
| Actor | Responsibility |
|---|---|
| Support agent | Owns customer-facing response approval and escalation. |
| Customer | Provides conversation context and may share sensitive information. |
| Retrieval service | Returns source snippets and document metadata. |
| Answer assistant | Drafts answers from approved context but cannot invent source authority. |
| Supervisor | Reviews escalations, QA samples, and policy-sensitive responses. |
- A drafted answer is not a support decision until a human agent approves or an approved automation policy permits it.
- Retrieved evidence must be stored separately from generated answer text.
- PII handling and ticket access must follow the support agent's role and tenant context.
| Action | Boundary |
|---|---|
| knowledge.retrieve | Allowed against approved knowledge sources and tenant scope. |
| answer.draft | Allowed only with retrieved evidence ids and model/provider metadata. |
| answer.send | Requires human approval unless a documented low-risk automation policy applies. |
| ticket.escalate | Allowed when escalation rules match; must preserve reason and source evidence. |
| customer_data.read | Requires role-based access and PII-aware logging. |
- Before sending answers involving account status, billing, legal, security, or contractual terms.
- Before using a low-confidence source in customer-facing text.
- Before changing escalation policy or automation thresholds.
- Before indexing new knowledge sources containing restricted or customer-specific data.
| Event | Minimum Evidence |
|---|---|
| conversation.message_received | tenant, conversation id, channel, pii class |
| knowledge.evidence_retrieved | source ids, score, version, tenant scope |
| answer.draft_created | model, prompt version, evidence ids, confidence |
| agent.answer_approved | agent id, answer id, edits applied |
| ticket.escalated | reason, target queue, source answer id, supervisor flag |
npm installto prove dependency resolution.npm run lintfor static validation.npm run testfor retrieval/provenance tests when present.npm run buildto prove the app compiles.- Manual inspection that answer text references evidence ids rather than only model output.
- Use pgvector or Qdrant for local vector search.
- Use PostgreSQL for ticket, conversation, and provenance metadata.
- Use Ollama or vLLM adapters for local model testing.
- Use OpenTelemetry or self-hosted logs for support workflow observability.
Add an answer provenance fixture that stores evidence ids, generated text, approval status, and escalation reason separately.
This document satisfies the issue checklist by separating:
- identity or actor boundary
- tool/provider/action boundary
- human approval or escalation point
- audit or observability events
- OSS/self-hosted fallback direction
- validation and static inspection path