Project Assets
The AICOS Boardroom and Personal Assistant Hub both surface an "Artifacts & Files" panel on every project detail page. This panel lists everything the agent has produced in the course of working on a project, so users can open prior work, edit OneDrive files in Office Online, or remove an item from the project without deleting the underlying artifact.
What gets tracked
Two kinds of project outputs are captured:
| Kind | Where it lives | Example |
|---|---|---|
| Artifact | AgentArtifacts table (in-platform) | A markdown report, a JSON dataset, an HTML analysis the agent generated with the store_artifact tool |
| OneDrive file | The user's OneDrive under /Outermind/Projects/{project-name}/ | A DOCX status report, an XLSX model, a PDF summary the agent produced with the save_file_to_onedrive tool |
Both kinds are linked to the project through a ProjectAssets row, which captures who created it, when, and (for OneDrive files) where it lives in Graph.
Where it appears
| Surface | Page | URL pattern |
|---|---|---|
| Boardroom (AICOS) | Project detail | /boardroom/projects/{projectId} |
| PA Hub | Project detail | /pa-hub/projects/{projectId} |
The panel sits below the project's task list and shows two tabs:
- Artifacts with a count badge (e.g. "Artifacts (3)")
- Files with a count badge
Each tab has its own empty state ("No artifacts yet" or "No files saved to OneDrive yet").
Row actions
Artifacts tab
| Action | Behavior |
|---|---|
| Open | Loads the artifact body into a viewer modal. JSON is pretty-printed, HTML is sanitized via DOMPurify, markdown and text render as preformatted text. |
| Remove | Soft-deletes the link (the artifact row itself is preserved). Requires Edit mode in the Boardroom; always available in PA Hub. A confirmation dialog appears before removal. |
Files tab
| Action | Behavior |
|---|---|
| Open | Opens the OneDrive view URL in a new tab. |
| Edit | Opens the file in Office Online for in-place editing. Hidden when the edit URL is unavailable for the file type or tenant policy. |
| Remove | Soft-deletes the link. The OneDrive file is NOT deleted. |
If a file's link becomes broken (the file was moved or deleted in OneDrive), the row appears in a muted style with a "Link unavailable - file may have moved" note, and the Open and Edit actions are hidden.
How files reach the project folder
When AICOS or the PA calls save_file_to_onedrive during a project turn, the runtime:
- Validates the file extension against an allowlist (
txt,md,json,csv,html,htm,docx,xlsx,pptx,pdf,rtf) and rejects any blocked MIME types (executable, script, generic binary). - Slugifies the project name into a safe folder segment.
- Uploads to
/Outermind/Projects/{project-slug}/{file-name}under the user's drive, using rename conflict behavior (an existing file with the same name is preserved and the new upload is auto-renamed). - Resolves the OneDrive view URL and, where allowed by tenant policy, an Office Online edit URL.
- Records the
ProjectAssetsrow so the file appears on the project detail page.
If the upload succeeds but the project link cannot be recorded, the agent surfaces a partial-success result so the file still exists at the returned URL even though it does not appear on the project page.
URL freshness
OneDrive view and edit URLs are re-resolved through Microsoft Graph at most once every 24 hours. Stale URLs are nulled in the API response before refresh runs, so the panel never serves a potentially dead link. If Graph reports the file as missing, the row is marked broken; transient Graph errors leave the row alone and the panel will retry on the next page load.
Tenant and ownership rules
| Rule | Applies to |
|---|---|
| Every list and delete request is scoped by the caller's tenant from the JWT. Query-string tenant values are never trusted. | All endpoints |
| Boardroom requests must additionally match the tenant's CAIOO agent on the project row. | /api/console/caioo/projects/... |
| PA Hub requests must additionally match the caller's PA agent on the project row. | /api/pa/projects/... |
| Removal is always a soft delete. The underlying artifact row and the OneDrive file are preserved. | Both |
| Artifact open from a project page goes through the project link, so users do not need the broader "artifacts:read" admin permission to open project artifacts they own. | Both |
Permissions
| Action | CAIOO (Boardroom) | PA Hub |
|---|---|---|
| List artifacts and files | caioo:projects:read | Authenticated user who owns the project |
| Open an artifact | caioo:projects:read | Authenticated user who owns the project |
| Remove a link | caioo:projects:write (and the project must be in Edit mode) | Authenticated user who owns the project |
Limitations
- The panel only surfaces work the agent created during a project turn. Files placed in the OneDrive folder out-of-band do not appear automatically.
- Image previews and inline rendering for OneDrive files are not supported in the panel; clicking Open is the way to view them.
- A backfill job to retroactively link historical artifacts to projects is not currently available.