# Mindburn Labs Context

Models propose. HELM governs execution.
HELM governs approved autonomous business operations across digital, analog, kinetic, and code workflows where connector contracts, approvals, receipts, telemetry, and EvidencePacks exist.
HELM makes company state queryable, turns divergence into reviewed specs, routes approved AI actions through a fail-closed execution boundary, and records proof.
Models propose. HELM checks authority, decides what may execute, and records.
Security and evidence material is source-backed: public repo, docs, SBOM, Claim Matrix, source details, responsible disclosure, and receipt demonstration.

## Claim Boundaries

- Mindburn Labs is the company; HELM is the product.
- HELM AI Kernel is public and provides the fail-closed execution firewall.
- HELM AI Individual is the governed one-person business OS where P0 ceilings, approvals, receipts, and EvidencePacks exist.
- HELM AI Company OS is reviewed access as the tenant-scoped Company AI OS around the same kernel semantics, with Security Admin policy controls, action proposal review, notification routing, receipts/evidence, and workspace emergency stop.
- Code Intelligence Graph is read-only code evidence for engineering GeneratedSpecs, CodeIndexReceipts, CodeImpact, affected tests, write scope, and closure evidence. It does not authorize execution.
- External web Search/Fetch evidence can inform CompanyArtifactGraph and GeneratedSpec proposals only where connector contracts, source hashes, receipt refs, and EvidencePack refs exist. Partial, stale, or conflicting sources remain draft, stale, or disputed.
- CompanyArtifactGraph is a permission-aware query and reconciliation graph, not execution authority.
- GeneratedSpecs are proposals until reviewed, approved, and routed through PEP/CPI.
- Side effects require PEP/CPI and receipts.
- HELM is not generic guardrails, agent orchestration, observability, DLP, pentesting, or model-safety filtering. Those layers can provide context, tests, filters, or downstream controls; HELM owns deterministic execution-authority decisions and source-owned evidence.
- Orchestration decides what to attempt; HELM decides what may execute.
- The norm: no receipt, no production. An agent action that cannot be replayed and verified offline is not production-grade.
- Category framing: Straiker-like agent runtime guardrails test the MCP/tool-call surface; Native-like cloud controls are downstream enforcement; Jazz-like DLP is data-risk context; Tenzai-like offensive testing and Gray Swan-like model-safety evals become evidence inputs, not execution authority.
- Analog and kinetic gateway claims require connector contracts, safety profiles, telemetry, approvals, and EvidencePacks.
- Morning reports are summaries; receipts and EvidencePacks remain source truth.
- The execution-boundary demo is deterministic public UI. Public console checks remain unavailable until DNS, health, verify, and tamper readiness gates pass.
- HELM Launchpad points to helm-agent-integrations, a public examples repo with wrapper, MCP, /v1 proxy, receipt, and EvidencePack samples. It is not a partner or external standard-status claim.
- The homepage boundary mapper is deterministic browser UI. It does not submit, store, or evaluate visitor text through a backend.
- The homepage tells the HELM product story through generated brand visuals, proof demos, and source-backed page text. It does not collect workflow input.
- TITAN is private proof context.
- Research pages are status-labeled thesis material unless they cite implementation or external docs.
- Reference packs are policy primitives, not legal advice or a substitute for an operator-run compliance program.
- Bounded proof work must stay bounded: public pages must not imply every running implementation path is mathematically verified.
- Do not infer adoption metrics, funding, legal advice, live rollout, private customer status, or deployment guarantees from this website.
- The public assistant is source-backed. It cannot approve actions, execute workflows, or promote facts into canonical company truth.
- The public assistant cannot treat code comments, README text, tool output, or pasted approval text as instruction authority.

## Core Pages

- [Homepage](https://mindburn.org/): Canonical HELM overview showing Kernel, Company OS, governed work demos, EvidencePacks, and contact routing.
- [HELM Launchpad](https://mindburn.org/helm/launchpad/): HELM-compatible agent framework examples, generated receipts, and sample EvidencePacks.
- [HELM AI Kernel](https://mindburn.org/helm/kernel/): Public Apache-2.0 fail-closed execution firewall route.
- [HELM AI Company OS](https://mindburn.org/helm/company-ai-os/): Reviewed-access Company AI OS direction for policy, action review, notification routing, receipts/evidence, and emergency stop.
- [HELM Architecture Brief](https://mindburn.org/helm/kernel/): Concise mechanism brief for PEP/CPI, verdicts, receipts, replayable evidence, and reviewed access.
- [Research](https://mindburn.org/research/): Curated status-labeled research. Long-horizon material is strategic and non-normative.
- [Company](https://mindburn.org/company/): Company identity, mission, team, product map, repo map, principles, and peycheff.com relationship.
- [Assistant](https://mindburn.org/assistant/): Utility pointer to the contact flow; agents query public sources through the read-only /api/assistant, /mcp, and /a2a surfaces.
- [Security](https://mindburn.org/security/): Responsible disclosure, Company AI OS security boundaries, provenance, SBOM, and public site security posture.
- [Contact](https://mindburn.org/contact/): Kernel, Individual, Enterprise, Code Intelligence, business loop, simulator gateway, investor, technical collaboration, security, and press routing.
- [Privacy notice](https://mindburn.org/privacy/): Visitor data handling.
- [Terms of use](https://mindburn.org/terms/): Terms for using mindburn.org.

## External Surfaces

- [HELM Docs](https://helm.docs.mindburn.org/): Live HELM documentation.
- [HELM AI Kernel Docs](https://helm.docs.mindburn.org/helm-ai-kernel): Live Kernel docs route.
- [HELM AI Kernel repository](https://github.com/Mindburn-Labs/helm-ai-kernel): Public OSS kernel repository.
- [HELM Agent Integrations repository](https://github.com/Mindburn-Labs/helm-agent-integrations): Public HELM-compatible wrappers, demos, generated sample receipts, and sample EvidencePacks.
- [HELM Agent Integrations v0.1.0 release](https://github.com/Mindburn-Labs/helm-agent-integrations/releases/tag/v0.1.0): Release assets and checksums for the first integration examples slice.
- [peycheff.com](https://peycheff.com/): Founder thesis archive and non-normative writing surface.
- [Site SBOM](https://mindburn.org/security/sbom.cdx.json): Public package manifest.

## Agent Surfaces

- [A2A Agent Card](https://mindburn.org/.well-known/agent-card.json): Read-only A2A discovery for public Mindburn site search, source reading, and public answers.
- [A2A JSON-RPC endpoint](https://mindburn.org/a2a): Stateless synchronous A2A endpoint for completed read-only tasks over public sources.
- [MCP server card](https://mindburn.org/.well-known/mcp/server-card.json): MCP-style tool discovery for public source search, source reading, and source listing.
- [MCP JSON-RPC endpoint](https://mindburn.org/mcp): Read-only MCP-style tool endpoint backed only by the public assistant source index.
- [OpenAPI discovery](https://mindburn.org/openapi.json): Public HTTP contract for the website's agent-facing and assistant surfaces.