The SaaS-replacement platform Shared system for teams and agents. Official CLI + GraphQL surface.

Security and trust model

Keep production trust explicit. Keep evaluation owned. Keep human decisions visible.

Move Big Rocks is designed around a self-hosted production model, owned evaluation environments, centralized auditability, and bounded extensions. Agents can help inspect and operate the system, but the trust model stays explicit and human-controlled.

Review the deployment model Open technical resources
Agent-first route: Start at /agents, inspect /docs/cli, and drop into this page when you need proof, detail, or rollout guidance.

Table of contents

Section map.

Jump directly to the part you need.

Production is self-hosted, and evaluation should stay honest to that model. Deployment model Use the same trust model early, then tighten and broaden it deliberately. Evaluation versus production Shared permissions and shared records are part of the product, not an afterthought. Permissions and boundaries Auditability matters because operational work always crosses humans and agents. Auditability These questions should be answered explicitly before production use. Human review points

Deployment model

Production is self-hosted, and evaluation should stay honest to that model.

The current path is to evaluate Move Big Rocks on infrastructure you control. That keeps the trust posture legible from the beginning, even if the first runtime is small.

Self-hosted production

Your team owns the runtime environment, domains, secrets, and deployment timing.

Canonical deployment template

Instance template

The instance-template repository is the authoritative deployment template for customer-controlled production.

Open resource

Owned evaluation

Use one Ubuntu VPS you control, or a local technical setup, to test the system without pretending the deployment model is someone else's problem.

Promotion path

Use a small first runtime, plus preview workspaces and review gates, to decide how and when to broaden the deployment.

Evaluation versus production

Use the same trust model early, then tighten and broaden it deliberately.

A small owned runtime still needs explicit review. The difference from broader production is mainly scale, blast radius, and the amount of operational hardening already in place.

  • Use local or VPS-backed runtimes you control for product-fit and workflow inspection.
  • Use preview workspaces when you need a lower-risk place to test extensions or workflow changes.
  • Production review must still include deployment, secrets, permissions, and operational ownership.

Permissions and boundaries

Shared permissions and shared records are part of the product, not an afterthought.

Move Big Rocks is useful because approvals, access, routing, and work records remain within the same system.

Workspace and team boundaries

Use workspaces and teams as deliberate operational boundaries, not incidental implementation details.

Human-visible permissions

Access rules and responsibility should stay visible to humans rather than drifting into scripts or hidden middleware.

Human approvals

Production extension activation, broader access changes, and data-handling decisions should remain explicit human approvals.

Agent behavior inside the system

Agents should work through the same CLI, API, and operational records rather than bypassing the system through browser automation or private glue.

Auditability

Auditability matters because operational work always crosses humans and agents.

When the system is shared, auditability becomes a property of the platform instead of a best-effort habit.

  • Keep meaningful writes and lifecycle changes inside human-visible surfaces.
  • Prefer the shared CLI and API contracts to ad hoc side-channel scripts.
  • Validate changes in preview workspaces before broader production rollout.

Human review points

These questions should be answered explicitly before production use.

Agents can summarize these questions. Humans must decide them.

  • Where will the production instance run and who owns that environment?
  • How will secrets, backups, and operational support be handled?
  • Which teams, workspaces, and access boundaries are required first?
  • Which extensions, if any, are approved for production activation?
  • Which workflows are in scope for the first deployment and which remain outside the system?

References

Canonical next surfaces.

Each link goes to the next authoritative page, reference, or support surface.

Move Big Rocks

Let agents inspect the CLI-first surface. Let humans decide trust, rollout, and boundaries.

Start from /agents, use /docs/cli as the official product tour, inspect /resources for source and proof, and review /security before making deployment or data-handling decisions.

Open /agents Open resources