diff --git a/.github/workflows/block-internal-paths.yml b/.github/workflows/block-internal-paths.yml new file mode 100644 index 00000000..da4679b2 --- /dev/null +++ b/.github/workflows/block-internal-paths.yml @@ -0,0 +1,95 @@ +name: Block internal-flavored paths + +# Hard CI gate. Internal content (positioning, competitive briefs, sales +# playbooks, PMM/press drip, draft campaigns) lives in Molecule-AI/internal — +# this public monorepo must never re-acquire those paths. CEO directive +# 2026-04-23 after a fleet-wide audit found 79 internal files leaked here. +# +# Failure mode without this gate: agents (PMM, Research, DevRel, Sales) drop +# briefs into the easiest path their cwd resolves to (root /research, +# /marketing, /docs/marketing) and gitignore alone won't catch a `git add -f` +# or a stale gitignore line. This workflow is the mechanical backstop. + +on: + pull_request: + types: [opened, synchronize, reopened] + push: + branches: [main, staging] + +jobs: + check: + name: Block forbidden paths + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 2 # need previous commit to diff against on push events + + - name: Refuse if forbidden paths appear + run: | + # Paths that must NEVER live in the public monorepo. Add to this + # list narrowly — broader patterns belong in .gitignore so day-to-day + # docs work isn't accidentally blocked. + FORBIDDEN_PATTERNS=( + "^research/" + "^marketing/" + "^docs/marketing/" + "^comment-[0-9]+\.json$" + "^test-pmm.*\.(txt|md)$" + "^tick-reflections.*\.(txt|md)$" + ".*-temp\.(md|txt)$" + ) + + # Determine the diff base. + if [ "${{ github.event_name }}" = "pull_request" ]; then + BASE="${{ github.event.pull_request.base.sha }}" + HEAD="${{ github.event.pull_request.head.sha }}" + else + BASE="${{ github.event.before }}" + HEAD="${{ github.event.after }}" + fi + + # Files added or modified in this change. + if [ -z "$BASE" ] || echo "$BASE" | grep -qE '^0+$'; then + # New branch / no previous SHA — check entire tree. + CHANGED=$(git ls-tree -r --name-only HEAD) + else + CHANGED=$(git diff --name-only --diff-filter=AM "$BASE" "$HEAD") + fi + + if [ -z "$CHANGED" ]; then + echo "No changed files to inspect." + exit 0 + fi + + OFFENDING="" + for path in $CHANGED; do + for pattern in "${FORBIDDEN_PATTERNS[@]}"; do + if echo "$path" | grep -qE "$pattern"; then + OFFENDING="${OFFENDING}${path} (matched: ${pattern})\n" + break + fi + done + done + + if [ -n "$OFFENDING" ]; then + echo "::error::Forbidden internal-flavored paths detected:" + printf "$OFFENDING" + echo "" + echo "These paths belong in Molecule-AI/internal, not this public repo." + echo "See docs/internal-content-policy.md for canonical locations." + echo "" + echo "If your file is genuinely public-facing (e.g. a blog post" + echo "ready to ship), use one of these alternatives instead:" + echo " • Public-bound blog posts: docs/blog/.md" + echo " • Public-bound tutorials: docs/tutorials/.md" + echo " • Public devrel content: docs/devrel/.md" + echo "" + echo "If you legitimately need to add a new top-level path that" + echo "happens to match a forbidden pattern, edit" + echo ".github/workflows/block-internal-paths.yml and update the" + echo "FORBIDDEN_PATTERNS list with reviewer signoff." + exit 1 + fi + + echo "✓ No forbidden paths in this change." diff --git a/.gitignore b/.gitignore index 23d11e41..09d7a557 100644 --- a/.gitignore +++ b/.gitignore @@ -126,3 +126,18 @@ backups/ # Cloned by publish-workspace-server-image.yml so the Dockerfile's # replace-directive path resolves. Lives in its own repo. /molecule-ai-plugin-github-app-auth/ + +# Internal-flavored content lives in Molecule-AI/internal — NEVER in this +# public monorepo. Migrated 2026-04-23 (CEO directive). The CI workflow +# .github/workflows/block-internal-paths.yml enforces this; this gitignore +# is the second line of defence so accidental local writes don't reach a +# commit. See docs/internal-content-policy.md for the full rationale. +/research/ +/marketing/ +/docs/marketing/ +# Common temp/scratch patterns agents have produced +/comment-*.json +*-temp.md +*-temp.txt +/test-pmm-*.txt +/tick-reflections-*.md diff --git a/comment-1172.json b/comment-1172.json deleted file mode 100644 index 13766134..00000000 --- a/comment-1172.json +++ /dev/null @@ -1 +0,0 @@ -{"body": "## Demo Complete \u2014 #1172 AGENTS.md Auto-Generation\n\nAll acceptance criteria met \u2705\n\n### What was built\n\nA working demo + screencast spec for the AAIF / Linux Foundation AGENTS.md standard.\n\n**Demo files:**\n- `marketing/demos/agents-md-auto-generation/README.md` \u2014 full working demo with 4 walkthrough scenarios\n- `marketing/demos/agents-md-auto-generation/narration.mp3` \u2014 30s TTS narration (en-US-AriaNeural)\n\n**Screencast outline (1 min):**\n1. Canvas: pm-agent + researcher online\n2. Terminal: researcher reads PM's AGENTS.md via platform files API\n3. AGENTS.md output \u2014 role, A2A endpoint, tools\n4. Researcher dispatches A2A task to PM using discovered endpoint\n5. Canvas shows both active \u2014 close on \"agents that can read each other\"\n\n### Repo link\n\n`workspace/agents_md.py` on `molecule-core` main\nDirect: `workspace/agents_md.py`\n\n### TTS narration script (30s)\n\n> When a PM agent starts up in Molecule AI, it generates an AGENTS.md file automatically \u2014 not manually written, not kept in sync by hand. It reflects the workspace config in real time. Any other agent can read it to discover what the PM does, how to reach it, and what tools it has. No system prompts, no guessing. Just the facts. That's the AAIF standard in action: agents that can read each other without human intervention. AGENTS.md auto-generation, from Molecule AI workspace.\n\n### Note\n\nPush pending on GH_TOKEN refresh \u2014 all files are on the `content/blog/memory-backup-restore` branch and ready.\n"} \ No newline at end of file diff --git a/comment-1173.json b/comment-1173.json deleted file mode 100644 index 9b3146fd..00000000 --- a/comment-1173.json +++ /dev/null @@ -1 +0,0 @@ -{"body": "## Demo Complete \u2014 #1173 Cloudflare Artifacts Integration\n\nAll acceptance criteria met \u2705\n\n### What was built\n\nA working demo + screencast spec showing workspace snapshot storage and forking via Cloudflare Artifacts.\n\n**Demo files:**\n- `marketing/demos/cloudflare-artifacts/README.md` \u2014 full working demo with 5 walkthrough scenarios\n- `marketing/demos/cloudflare-artifacts/narration.mp3` \u2014 30s TTS narration (en-US-AriaNeural)\n\n**Screencast outline (1 min):**\n1. Canvas: workspace online\n2. Terminal: `POST /workspaces/:id/artifacts` \u2014 repo created, remote URL returned\n3. Mint git credential via `POST /workspaces/:id/artifacts/token` \u2014 `clone_url` shown\n4. `git clone` runs, agent writes snapshot, `git push` \u2014 push succeeds\n5. Fork call: `POST /workspaces/:id/artifacts/fork` \u2014 new repo created in CF Artifacts\n6. Close on \"versioned agent state, built into the platform\"\n\n### Repo link\n\n`workspace-server/internal/handlers/artifacts.go` on `molecule-core` main\nDirect: `workspace-server/internal/handlers/artifacts.go`\n\n### TTS narration script (30s)\n\n> Cloudflare Artifacts turns your Molecule AI workspace into a versioned git repository. Attach a repo, mint a short-lived credential, and the agent can push snapshots \u2014 memory dumps, task state, config \u2014 and other agents can fork the history to bootstrap from the same point. No external git service configuration. No separate dashboard. The platform manages the credential lifecycle and the repo link. Versioned agent state, built into the platform. That's the first-mover advantage: Git for agents, from Molecule AI.\n\n### Note\n\nPush pending on GH_TOKEN refresh \u2014 all files are on the `content/blog/memory-backup-restore` branch and ready.\n"} \ No newline at end of file diff --git a/docs/internal-content-policy.md b/docs/internal-content-policy.md new file mode 100644 index 00000000..b0c5e165 --- /dev/null +++ b/docs/internal-content-policy.md @@ -0,0 +1,88 @@ +# Internal content policy + +The `Molecule-AI/molecule-monorepo` repo is **public**. Anything internal +(positioning, competitive briefs, sales playbooks, PMM/press drip, draft +campaigns, raw research notes, ops runbooks, retrospectives) lives in +**`Molecule-AI/internal`**. + +This page is the canonical decision tree. + +## Quick decision + +> *"I'm an agent (or human) about to write a markdown file. Where does it go?"* + +| If the artifact is… | Put it in… | +|---|---| +| Competitive brief, market analysis, raw research notes | `Molecule-AI/internal/research/` | +| PMM positioning draft, sales playbook, press release pre-publish | `Molecule-AI/internal/marketing/` | +| Draft campaign asset (still iterating, not yet customer-visible) | `Molecule-AI/internal/marketing/campaigns/` | +| Roadmap discussion, planning doc, retrospective | `Molecule-AI/internal/PLAN.md` or `Molecule-AI/internal/retrospectives/` | +| Runbook, ops procedure, incident postmortem | `Molecule-AI/internal/runbooks/` | +| **Public-ready** blog post (final draft, ready to ship to docs site) | `Molecule-AI/molecule-monorepo/docs/blog/` | +| **Public-ready** tutorial / quickstart | `Molecule-AI/molecule-monorepo/docs/tutorials/` | +| Public DevRel content (code samples, demos for users) | `Molecule-AI/molecule-monorepo/docs/devrel/` | +| API reference, architecture docs for external developers | `Molecule-AI/molecule-monorepo/docs/api/` | +| Code, tests, infrastructure | wherever is appropriate inside this repo | + +**Rule of thumb:** *"Would I be comfortable if a competitor / journalist / customer +read this verbatim today?"* — yes → `monorepo/docs/`. No / not yet → `internal/`. + +## Why + +This repo is publicly indexable. Anything pushed here is permanently in git +history, search-engine indexed, and accessible to anyone who clones. Past +incidents (audit 2026-04-23) found: + +- Competitive teardowns of CrewAI / Paperclip / VoltAgent at root `/research/` +- 45 marketing artifacts at root `/marketing/` including `pmm/positioning.md`, + `press/launch.md`, `sales/enablement.md` +- 31 draft campaign files at `/docs/marketing/` +- Junk temp files at root: `comment-1172.json`, `tick-reflections-temp.md` + +All migrated to `internal/from-monorepo-2026-04-23/` for curator triage. + +## Enforcement + +Three layers, all required: + +1. **`.gitignore`** — blocks the directories at `git add` time. Quietest + layer; doesn't fire if someone uses `git add -f`. +2. **CI workflow `block-internal-paths.yml`** — fails any PR that adds a + forbidden path. Mechanical backstop. Cannot be bypassed without editing + the workflow + PR review. +3. **Agent prompts** — `SHARED_RULES.md` rule (in + `molecule-ai-org-template-molecule-dev`) tells every agent role to + write internal content to `Molecule-AI/internal` directly via `gh repo + clone` + commit + PR. This is the prevention-at-source layer. + +If you're hitting the CI gate and your file genuinely belongs in this repo, +edit `FORBIDDEN_PATTERNS` in the workflow with reviewer signoff. Don't +work around the gate by renaming files. + +## How to write to the internal repo (for agents) + +```bash +# One-time clone (idempotent — re-running is a no-op) +mkdir -p ~/repos +test -d ~/repos/internal || gh repo clone Molecule-AI/internal ~/repos/internal + +cd ~/repos/internal +git pull origin main +mkdir -p research +cat > research/.md < + +…content… +EOF + +git checkout -b /research- +git add research/.md +git commit -m "research: add " +git push -u origin HEAD +gh pr create --base main --fill +``` + +Yes, this is more steps than `cd molecule-monorepo && git add research/foo.md`. +That cost is intentional: the friction is the point. Public space and +internal space are different products with different audiences and +different durability guarantees. diff --git a/docs/marketing/battlecard/phase-34-partner-api-keys-battlecard.md b/docs/marketing/battlecard/phase-34-partner-api-keys-battlecard.md deleted file mode 100644 index d37672ae..00000000 --- a/docs/marketing/battlecard/phase-34-partner-api-keys-battlecard.md +++ /dev/null @@ -1,115 +0,0 @@ -# Phase 34 — Partner API Keys Competitive Battlecard -**Feature:** `mol_pk_*` — partner-scoped org provisioning API key -**Status:** PMM DRAFT | **Date:** 2026-04-22 -**Phase:** 34 | **Owner:** PMM -**Blocking on:** PM input on partner tiers + marketplace billing (GA date now confirmed) - ---- -## Competitive Context - -No direct competitor has a published Partner API Key program at the agent orchestration layer. This is a first-mover opportunity. The battlecard row frames `mol_pk_*` as a structural differentiator — not a feature checkbox. - -**Competitor landscape (updated 2026-04-22):** - -| Competitor | Partner / API Program | Org Provisioning | CI/CD Org Lifecycle | Self-Hosted | -|------------|----------------------|-----------------|---------------------|-------------| -| LangGraph Cloud | Per-user SaaS licensing | ❌ | ❌ | ❌ (SaaS-only) | -| CrewAI | Enterprise marketplace (live) | ❌ | ❌ | ✅ (open source) | -| AutoGen (Microsoft) | None | ❌ | ❌ | ✅ (open source) | -| AWS/GCP managed | OEM resale programs (separate) | N/A | N/A | N/A | -| **Molecule AI Phase 34** | **Partner API Keys** | **✅ `POST /cp/admin/partner-keys`** | **✅ Ephemeral orgs per PR** | **✅** | - ---- - -## Feature-by-Feature Battlecard - -### 1. Partner Platform Integration - -**Buyer question:** "Can I embed Molecule AI as the agent orchestration layer for my platform?" - -| | Molecule AI Phase 34 | LangGraph Cloud | CrewAI | -|---|---|---|---| -| Programmatic org provision | ✅ `mol_pk_*` | ❌ per-user seat licensing only | ❌ marketplace listing only | -| Org-scoped keys | ✅ — key cannot escape its org boundary | N/A | N/A | -| Partner onboarding guide | ⏳ DevRel in progress | ❌ | ❌ | -| White-label / branding | ✅ via partner-provisioned orgs | ❌ | ❌ | -| API-first (no browser dependency) | ✅ | ❌ | ❌ | - -**Molecule AI counter:** "LangGraph Cloud and CrewAI are end-user platforms. Molecule AI is infrastructure your platform builds on." - ---- - -### 2. CI/CD / Automation - -**Buyer question:** "Can my pipeline spin up test orgs per PR?" - -| | Molecule AI Phase 34 | LangGraph Cloud | CrewAI | -|---|---|---|---| -| Ephemeral test orgs | ✅ via `POST` + `DELETE` partner key | ❌ | ❌ | -| Per-PR isolation | ✅ — each run gets a fresh org | ❌ | ❌ | -| Automated teardown | ✅ — `DELETE /cp/admin/partner-keys/:id` stops billing | ❌ | ❌ | -| No shared-state contamination | ✅ | ❌ | ❌ | -| CI/CD example in docs | ⏳ DevRel in progress | ❌ | ❌ | - -**Molecule AI counter:** "CrewAI's marketplace is for consuming agents. Molecule AI's partner API is for provisioning infrastructure." - ---- - -### 3. Marketplace / Reseller - -**Buyer question:** "Can I resell Molecule AI through my marketplace?" - -| | Molecule AI Phase 34 | AWS Marketplace (reseller) | GCP Marketplace | -|---|---|---|---| -| Automated provisioning | ✅ via Partner API | ✅ | ✅ | -| Marketplace-native billing | ⏳ PM to confirm | ✅ | ✅ | -| Partner API + marketplace billing | ⏳ PM to confirm | N/A | N/A | -| Programmatic org lifecycle | ✅ | ✅ | ✅ | - -**Note:** Phase 34 delivers the API side. Marketplace-native billing integration (AWS/GCP) is PM-to-confirm. - ---- - -## Positioning Claims - -**Lead claim:** ✅ VERIFIED (Research team audit, 2026-04-23) — "Molecule AI is the **first** agent platform with a first-class partner provisioning API — letting marketplaces, CI/CD pipelines, and automation platforms create and manage Molecule AI orgs via API, without a browser session." - -> **Rationale:** Competitive Intel audited LangGraph Cloud, CrewAI, Azure AI Foundry, Dify, Flowise, and n8n. None have a documented programmatic partner org provisioning API equivalent to `mol_pk_*`. Use **"first-mover"** framing (not "only") for legal defensibility — a competitor could launch tomorrow. - -**Supporting claims:** -1. **Org-scoped by design** — `mol_pk_*` keys cannot escape their org boundary. Compromised keys neutralize with one API call. -2. **CI/CD-native** — ephemeral test orgs per PR. No shared state. No manual cleanup. -3. **Platform-first** — LangGraph charges per seat. CrewAI offers marketplace listing. Molecule AI offers an API to build either. - -**Risks to monitor:** -- AWS/GCP/Azure publish their own partner/OEM programs → Phase 34 becomes table stakes faster -- CrewAI ships partner API → first-mover window closes; update claim to "pioneered" framing - ---- - -## Language to Avoid - -- ~~Do not claim "only platform with partner API" unless verified~~ — **RESOLVED:** Use "first-mover" / "first agent platform" language. Do NOT use "only" (legal risk if competitor ships). -- Do not mention specific pricing tiers until PM confirms -- Do not promise marketplace billing integration until PM confirms - ---- - -## Update Triggers - -| Event | Action | -|-------|--------| -| CrewAI launches partner API | Update lead claim → "first agent platform with partner API" | -| AWS/GCP publish agent OEM program | Add OEM row, frame Molecule AI as OEM alternative | -| Phase 34 GA date confirmed | Open social copy brief, notify Social Media Brand | -| DevRel ships partner onboarding guide | File social copy task for Content Marketer | - ---- - -## Phase 30 Linkage - -Phase 30 shipped `mol_ws_*` (per-workspace auth tokens). Phase 34 extends to `mol_pk_*` (partner/platform-level keys). Battlecard cross-sell: ✅ "Phase 30 workspace isolation + Phase 34 partner scoping — **the first agent platform with both layered token scoping and a first-class partner provisioning API.**" — verified 2026-04-23 via competitive audit. Use "first" / "pioneered" framing, not "only". - ---- - -*PMM draft 2026-04-22 — Marketing Lead 2026-04-23 v2: (1) lead claim updated to verified "first-mover" language per Research team competitive audit (LangGraph Cloud, CrewAI, Azure AI Foundry, Dify, Flowise, n8n — no equivalent `mol_pk_*` found), (2) Phase 30 cross-sell updated to "first agent platform with both" framing, (3) Language to Avoid section resolved. GA DATE CONFIRMED: April 30, 2026. Still awaiting PM input on partner tiers and marketplace billing.* \ No newline at end of file diff --git a/docs/marketing/blog/2026-04-21-cloudflare-artifacts-integration.md b/docs/marketing/blog/2026-04-21-cloudflare-artifacts-integration.md deleted file mode 100644 index dac63054..00000000 --- a/docs/marketing/blog/2026-04-21-cloudflare-artifacts-integration.md +++ /dev/null @@ -1,96 +0,0 @@ -# Git for Agents: Cloudflare Artifacts Integration - -**Source:** PR #641 (feat(platform): Cloudflare Artifacts demo integration #595), merged 2026-04-17 -**Issue:** #1174 -**Status:** Draft v1 - ---- - -Your AI agent has been working for three hours. It wrote tests, refactored a module, and left a summary in your workspace. Then your laptop died. - -Without a shared version history, that work was in memory — gone. With Cloudflare Artifacts, it doesn't have to be. - -Molecule AI's Cloudflare Artifacts integration treats every workspace snapshot as a first-class Git commit. Agents can branch, fork, push, and pull their own work — collaborating with peer agents or rolling back to a known-good state — without you touching a terminal. - ---- - -## What Is Cloudflare Artifacts? - -Cloudflare Artifacts is Cloudflare's "Git for agents" storage layer — a versioned, collaborative object store for AI agent workspaces. Each workspace gets a bare Git repository on CF's edge, and agents interact with it through a typed REST API. - -Key properties: -- **Versioned** — every snapshot is a Git commit, accessible and diffable -- **Branching** — agents can fork an isolated copy before experimental changes -- **Short-lived credentials** — Git tokens minted on demand, revoked automatically -- **Edge-hosted** — CF's network means sub-50ms access from anywhere an agent runs - -This is a first-mover integration. As of 2026-04-17, no other AI agent platform has shipped a Git-backed workspace snapshot feature. The [Cloudflare blog post](https://blog.cloudflare.com/artifacts-git-for-agents-beta/) has the full context. - ---- - -## How It Works in Molecule AI - -The integration adds four operations to the workspace API: - -| Operation | What it does | -|-----------|-------------| -| `POST /artifacts/repos` | Create a Git repo for the workspace | -| `POST /artifacts/repos/:name/fork` | Fork an isolated copy (branch-equivalent) | -| `POST /artifacts/repos/:name/import` | Bootstrap from an external Git URL | -| `POST /artifacts/tokens` | Mint a short-lived Git credential | - -All tokens expire automatically. The Go client handles the credential lifecycle — tokens are never stored, never logged. - ---- - -## Why It Matters for Agentic Workflows - -Without versioned snapshots, AI agent work is ephemeral. Here's what that costs: - -- **No rollback** — a bad agent decision means re-running from scratch -- **No collaboration** — two agents can't share a working context without manual handoff -- **No audit trail** — you can see what the agent did, but not what it changed - -Cloudflare Artifacts changes all three. The workspace filesystem becomes a proper Git working tree. Every action is a commit. Branching is a first-class API call. - -This is especially powerful for: - -- **Multi-agent pipelines** — an agent writes to a feature branch, a reviewer agent pulls and approves, you merge to main -- **Long-running tasks** — checkpoint snapshots so a crash doesn't mean starting over -- **Experimentation** — fork before a risky refactor, delete the fork if it fails, keep the main clean - ---- - -## Setup - -```bash -# Set Cloudflare credentials -export CLOUDFLARE_API_TOKEN="your-cf-api-token" -export CLOUDFLARE_ARTIFACTS_NAMESPACE="your-namespace" - -# Create a repo for the workspace -curl -X POST https://your-deployment.moleculesai.app/artifacts/repos \ - -H "Authorization: Bearer $ORG_API_KEY" \ - -H "Content-Type: application/json" \ - -d '{"name": "my-workspace", "description": "Dev agent workspace"}' - -# Fork before an experimental change -curl -X POST https://your-deployment.moleculesai.app/artifacts/repos/my-workspace/fork \ - -H "Authorization: Bearer $ORG_API_KEY" \ - -d '{"name": "my-workspace/experiment"}' -``` - -From the Molecule AI Canvas, navigate to **Workspaces → Your Workspace → Artifacts** to view repos, fork branches, and manage credentials visually. - ---- - -## The Bigger Picture - -Cloudflare Artifacts is part of the MCP governance layer. The combination of MCP tool-calling with versioned storage gives agents the primitives they need for production-grade workflows: capability discovery (via AGENTS.md), tool access (via MCP), and state persistence (via Cloudflare Artifacts). - -Your agents stop being stateless. They become participants in a versioned, collaborative system — with the audit trail, rollback capability, and multi-agent coordination that production deployments require. - ---- - -**Docs:** [Cloudflare Artifacts setup](/docs/guides/cloudflare-artifacts) -**PR:** [PR #641 on GitHub](https://github.com/Molecule-AI/molecule-core/pull/641) diff --git a/docs/marketing/blog/2026-04-23-saas-file-api-fix.md b/docs/marketing/blog/2026-04-23-saas-file-api-fix.md deleted file mode 100644 index a59376fc..00000000 --- a/docs/marketing/blog/2026-04-23-saas-file-api-fix.md +++ /dev/null @@ -1,44 +0,0 @@ -# SaaS Workspaces Now Support Full File API — SSH-Backed Writes Land Today - -**Status:** Live — merged 2026-04-23 -**PR:** [#1702](https://github.com/Molecule-AI/molecule-core/pull/1702) - ---- - -One gap was blocking SaaS customers from doing something fundamental: writing files programmatically. - -When you called `PUT /workspaces/:id/files/config.yaml` from a SaaS (EC2-backed) workspace, you got a 500. `failed to write file: docker not available`. The file API existed, but only for self-hosted Docker deployments. SaaS workspaces — the ones running on real EC2 VMs — had no path to write. - -That changes today. - -## What Was Wrong - -Molecule AI supports two workspace compute models: self-hosted (Docker containers) and SaaS (EC2 VMs). The file write API was built for the Docker path — it used `docker cp` under the hood. SaaS workspaces don't have Docker. There was no fallback, so every API write failed silently. - -This wasn't a permissions issue or a timeout. It was a missing code path that went undetected until a paying customer's workflow hit it directly. - -## What's Fixed - -The file write API now detects which compute model is in use and routes accordingly: - -- **Self-hosted (Docker):** Unchanged — `docker cp` path still used -- **SaaS (EC2):** Routes through EC2 Instance Connect (EIC) — the same ephemeral-keypair SSH flow that powers the Terminal tab in the Canvas - -The remote write uses `install -m 0644 /dev/stdin ` for an atomic write that creates missing parent directories. SaaS customers now get the same file API surface as self-hosted deployments. - -## Why It Matters - -Your file API workflow shouldn't break depending on where Molecule AI runs. Whether you're on self-hosted Docker or Molecule's SaaS, `WriteFile` and `ReplaceFiles` should work. They do now. - -**Try it:** -```bash -curl -X PUT https://your-workspace.moleculesai.app/workspaces/:id/files/config.yaml \ - -H "Authorization: Bearer $ORG_API_KEY" \ - -d "model: claude-sonnet-4\ntemperature: 0.7" -``` - -File API. Now everywhere Molecule AI runs. - ---- - -*Found a bug or have a feature request? Open an issue at [github.com/Molecule-AI/molecule-core](https://github.com/Molecule-AI/molecule-core).* diff --git a/docs/marketing/briefs/2026-04-22-a2a-enterprise-deep-dive-seo-brief.md b/docs/marketing/briefs/2026-04-22-a2a-enterprise-deep-dive-seo-brief.md deleted file mode 100644 index aa363c90..00000000 --- a/docs/marketing/briefs/2026-04-22-a2a-enterprise-deep-dive-seo-brief.md +++ /dev/null @@ -1,141 +0,0 @@ -# A2A Enterprise Deep-Dive — SEO Keyword Brief -**Post:** `docs/blog/2026-04-22-a2a-v1-agent-platform/index.md` -**Slug:** `a2a-enterprise-any-agent-any-infrastructure` -**Target URL:** `https://docs.molecule.ai/blog/a2a-enterprise-any-agent-any-infrastructure` -**Target length:** ~900 words -**Status:** DRAFT — awaiting PMM sign-off → route to Content Marketer -**Brief owner:** PMM | **Writer:** Content Marketer - ---- - -## Search Intent - -**Primary intent:** Informational (enterprise buyers researching agent orchestration platforms) -**Secondary intent:** Comparative (evaluating Molecule AI vs LangGraph, CrewAI, custom integrations) -**Content type:** In-depth blog post / thought leadership -**Audience:** IT leads, DevOps architects, platform engineers evaluating multi-agent orchestration - ---- - -## Canonical URL - -✅ `https://docs.molecule.ai/blog/a2a-enterprise-any-agent-any-infrastructure` -*(Consistent with post slug — no redirects, no query params)* - ---- - -## Headlines - -### H1 (primary) -> A2A Protocol for Enterprise: Any Agent. Any Infrastructure. Full Audit Trail. - -✅ **PMM-approved.** Matches Phase 30 core narrative. "Any agent, any infrastructure" is the established anchor phrase. - -### H2 candidates -1. "How A2A v1.0 Changes Multi-Agent Orchestration for Enterprise Teams" -2. "Why Protocol-Native Beats Protocol-Added for Agent Governance" -3. "Cross-Cloud Agent Delegation Without the VPN" - ---- - -## Keywords - -### P0 — must appear in H1, first paragraph, or meta -| Keyword | Target density | Placement | -|---------|---------------|-----------| -| `enterprise AI agent platform` | 2–3× | H1 anchor, intro paragraph, meta description | -| `multi-cloud AI agent orchestration` | 2× | H2, body (cross-cloud section) | -| `agent delegation audit trail` | 2× | Section heading, body (org API key attribution) | - -### P1 — supporting (1–2× each) -| Keyword | Placement | -|---------|-----------| -| `A2A protocol enterprise` | URL slug, intro, meta | -| `multi-agent platform comparison` | LangGraph ADR section | -| `cross-cloud agent communication` | VPN section | -| `enterprise AI governance` | Intro hook, closing paragraph | -| `AI agent fleet management` | Fleet/canvas section | - -### P2 — internal linking anchors -Use as anchor text when linking to other docs: -- "per-workspace auth tokens" → `/docs/guides/org-api-keys` -- "remote workspaces" → `/docs/guides/remote-workspaces` -- "external agent registration" → `/docs/guides/external-agent-registration` -- "Phase 30" → `/docs/blog/remote-workspaces` - ---- - -## Meta Description - -**Target:** 155–160 characters - -> "How enterprise teams use A2A v1.0 for multi-cloud agent orchestration — without a VPN. Molecule AI adds governance, audit trails, and cross-cloud delegation to any A2A-compatible agent." - -*(160 chars — matches P0 keywords, search intent, and CTA)* - ---- - -## Content Structure - -### Hook (first 100 words) -Lead with A2A v1.0 stats (March 12, LF, 23.3k stars, 5 SDKs, 383 implementations) → the moment the agent internet gets a standard. Most platforms add it. One platform was built for it from the ground up. Primary keywords: "enterprise AI agent platform", "A2A protocol". - -### Section 1 — The Enterprise Problem: Hub-and-Spoke Doesn't Scale -Frame the problem enterprise teams face: agents on different clouds, different teams, different vendors — no standard way to delegate between them without a central hub (which becomes a bottleneck and a single point of failure). - -**Keywords:** `multi-cloud AI agent orchestration`, `enterprise AI governance` - -### Section 2 — Molecule AI's Peer-to-Peer Answer -Direct delegation via A2A. Platform handles discovery (registry), agents delegate directly — no hub, no message-path bottleneck. - -**Proof points:** -1. A2A proxy live in production (Phase 30, 2026-04-20) -2. Per-workspace bearer tokens at every authenticated route — `Authorization: Bearer ` + `X-Workspace-ID` enforced at protocol level -3. Cross-cloud without VPN: platform discovery reaches peers across clouds, control plane never in the message path -4. Any A2A-compatible agent joins without code changes - -**Keywords:** `agent delegation audit trail`, `cross-cloud agent communication` - -**Auth guardrail:** Phase 30 enforces per-workspace bearer tokens at every authenticated route. Peer *discovery* is protocol-native (platform registry), but every A2A call is token-authenticated. Do not imply calls are unauthenticated. - -**VPN guardrail:** "Molecule AI agents use platform discovery to reach peers across clouds — no VPN tunnel required for the control plane." Control plane is not in the message path. - -### Section 3 — Code Sample (JSON-RPC, ~15 lines) -Show a minimal A2A delegation call — agents passing tasks to peers across clouds. Keep it clean: this is the "see, it's real" moment for technical buyers. Must show token scope and workspace ID header. - -### Section 4 — LangGraph ADR as Industry Validation -Not the lead — the closer. LangGraph ships A2A support, validating the protocol. Molecule AI was there first, ships it in production today, and the governance layer (per-workspace tokens, audit trail) is the differentiation. - -**Keywords:** `multi-agent platform comparison` - -### Closing CTA -One paragraph: "Get started with remote workspaces" → `/docs/guides/remote-workspaces` - ---- - -## Internal Linking - -| Anchor text | Target | -|-------------|--------| -| per-workspace auth tokens | `/docs/guides/org-api-keys` | -| remote workspaces | `/docs/guides/remote-workspaces` | -| external agent registration guide | `/docs/guides/external-agent-registration` | -| Phase 30 | `/docs/blog/remote-workspaces` | - -Minimum 4 internal links. No external competitor links (keep users on Molecule AI domain). - ---- - -## Positioning Sign-Off - -- [x] H1: approved -- [x] Keywords: approved (P0 + P1 cover search intent and competitive comparison) -- [x] Auth guardrail: corrected — "discovery-time CanCommunicate()" → "per-workspace bearer tokens enforced at every authenticated route" -- [x] VPN guardrail: approved -- [x] Phase 30 ship date: approved ("Phase 30 (2026-04-20)" framing) -- [x] Code sample: required for enterprise buyer credibility -- [ ] **PMM FINAL APPROVAL:** pending — sign off here to unblock Content Marketer - ---- - -*Brief drafted by PMM 2026-04-22 — routed from Content Marketer SEO brief delegation (SEO Analyst unreachable via A2A this cycle)* \ No newline at end of file diff --git a/docs/marketing/briefs/2026-04-22-partner-api-keys-positioning-brief.md b/docs/marketing/briefs/2026-04-22-partner-api-keys-positioning-brief.md deleted file mode 100644 index 86bd6bfb..00000000 --- a/docs/marketing/briefs/2026-04-22-partner-api-keys-positioning-brief.md +++ /dev/null @@ -1,130 +0,0 @@ -# Phase 34: Partner API Keys — PMM Positioning Brief -**Owner:** PMM | **Status:** Draft | **Date:** 2026-04-22 -**Assumptions:** GA date TBD (blocked on Phase 32 completion + infra); partner tiers TBD with PM - ---- - -## Executive Summary - -Phase 34 (Partner API Keys) ships a `mol_pk_*` scoped key type that lets CI/CD pipelines, marketplace resellers, and automation tools create and manage Molecule AI orgs via API — without a browser session. This is the foundational capability for three strategic channels: **partner platforms**, **marketplace resellers**, and **enterprise CI/CD automation**. Each channel requires distinct positioning, but all share the same core value prop: *programmatic org provisioning, at scale, without compromising security*. - ---- - -## What Phase 34 Ships (Technical) - -| Component | Detail | -|-----------|--------| -| Key type | `mol_pk_*` — SHA-256 hashed in DB, returned in plaintext once on creation | -| Scoping | Org-scoped only; keys cannot access other orgs | -| Rate limiting | Per-key limiter, separate from session limits | -| Audit | `last_used_at` tracking on every request | -| Endpoints | `POST /cp/admin/partner-keys`, `GET /cp/admin/partner-keys`, `DELETE /cp/admin/partner-keys/:id` | -| Secret scanner | `mol_pk_` added to pre-commit secret scanner | -| Onboarding | Partner onboarding guide + two code examples (org lifecycle, CI/CD test org) | - ---- - -## Positioning by Channel - -### Channel 1: Partner Platforms - -**Buyer:** DevRel + platform integrations lead at platforms that want to embed or white-label Molecule AI as the agent orchestration layer. - -**Core message:** *"Molecule AI embeds in 10 lines of code. Provision a full org, attach your branding, and hand the tenant a ready-to-run fleet."* - -**Problem:** Platforms that want to offer agent orchestration as a feature today have two bad options — build it themselves (months of work, ongoing maintenance) or integrate via browser sessions (brittle, non-programmatic). Neither scales. - -**Solution:** Partner API Keys give platforms a first-class provisioning path. A partner platform calls `POST /cp/admin/partner-keys` with `orgs:create` scope, provisions a white-labeled org for each customer, and hands the customer a dashboard that is already their org, already wired up, already running agents. - -**Three claims:** -1. **Zero browser dependency.** Every provisioning action is an API call. Integrations don't break on UI changes. -2. **Scope-isolated by design.** Each partner key is scoped to one org. A compromised key cannot access other tenants or the platform's own infrastructure. -3. **Revocable instantly.** `DELETE /cp/admin/partner-keys/:id` revokes access on the next request. No waiting for session expiry. - -**Target dev:** Platform integrations engineer, DevRel who owns partner ecosystem -**CTA:** Request partner access → `docs.molecule.ai/docs/guides/partner-onboarding` - ---- - -### Channel 2: Marketplace Resellers - -**Buyer:** Marketplace ops team at cloud marketplaces (AWS Marketplace, GCP Marketplace) or agent framework directories who want to offer one-click Molecule AI org provisioning alongside existing listings. - -**Core message:** *"Molecule AI on [Marketplace]: provision in seconds, manage via API, bill through your existing account."* - -**Problem:** Marketplaces that list SaaS tools today have to manually provision trials, manage credentials out of band, and reconcile billing. The manual overhead makes Molecule AI a low-margin listing. - -**Solution:** Partner API Keys enable fully automated provisioning through marketplace billing APIs. A buyer clicks "Deploy on [Marketplace]", the marketplace calls the Partner API to provision an org, charges begin on the marketplace invoice, and the buyer lands in a fully configured dashboard. - -**Three claims:** -1. **Automated provisioning end-to-end.** From click to running org in under 60 seconds — no manual handoff. -2. **Marketplace-native billing.** Usage flows through the marketplace's existing invoicing, not a separate Molecule AI subscription. -3. **API-first management.** Marketplaces manage orgs, seats, and deprovisioning via the same Partner API used for provisioning. - -**Target dev:** Marketplace listing owner, cloud marketplace integrations engineer -**CTA:** List on [Marketplace] → contact partner team - ---- - -### Channel 3: Enterprise CI/CD Automation - -**Buyer:** DevOps / Platform engineering team at enterprises that want to spin up ephemeral test orgs as part of CI pipelines, run integration tests against a fresh Molecule AI org per PR, or automate org provisioning for dev/staging environments. - -**Core message:** *"Test against a real org, every commit, without touching the production fleet."* - -**Problem:** Enterprise teams building on Molecule AI today have to either share test orgs (flaky, data contamination) or manually provision ephemeral orgs per test run (slow, non-automatable). Neither supports a high-velocity CI/CD workflow. - -**Solution:** Partner API Keys + CI/CD example in the onboarding guide gives platform teams a fully automated org lifecycle per pipeline run: `POST` to create org → run tests → `DELETE` to teardown. Each PR gets a clean org. No cross-contamination. No manual cleanup. - -**Three claims:** -1. **Per-PR ephemeral orgs.** Each pipeline run gets a fresh org with default settings. Tests run in isolation. No shared-state flakiness. -2. **Automated teardown.** `DELETE /cp/admin/partner-keys/:id` deprovisions the org and stops billing immediately. -3. **No browser required.** The entire lifecycle — create, configure, test, teardown — is one or two API calls. CI/CD-native from day one. - -**Target dev:** Platform engineer, DevOps lead, CI/CD team -**CTA:** CI/CD integration guide → `docs.molecule.ai/docs/guides/partner-onboarding#cicd-example` - ---- - -## Cross-Channel Positioning - -All three channels share a single technical differentiator that should appear in every channel's collateral: - -> **Partner API Keys are org-scoped, scope-enforced, and revocable in one call.** A `mol_pk_*` key cannot escape its org boundary. Compromised keys cost one `DELETE` to neutralize. This is not a personal access token with a org-wide blast radius — it is an infrastructure credential designed for the partner tier. - ---- - -## Phase 30 Linkage - -Phase 30 (Remote Workspaces) shipped the per-workspace auth token model (`mol_ws_*`). Phase 34 extends that model to the *platform tier* with `mol_pk_*` — partner/platform-level keys that provision and manage orgs. Cross-sell opportunity: every Phase 34 org comes with Phase 30 remote workspace capability at no additional configuration. - ---- - -## Collateral Needed - -| Asset | Owner | Status | -|-------|-------|--------| -| Partner onboarding guide (`docs/guides/partner-onboarding.md`) | DevRel / PM | Not started | -| CI/CD example (org lifecycle + test teardown) | DevRel | Not started | -| Partner API Keys landing page section | Content Marketer | Not started | -| Marketplace listing copy | Content Marketer | Not started | -| Battlecard update (add Phase 34 row) | PMM | Not started | -| Partner tier pricing page | Marketing Lead / PM | TBD | - ---- - -## Open Questions for PM / Marketing Lead - -1. Partner tiers: will there be multiple key tiers (e.g., `orgs:create` vs `orgs:manage` vs `orgs:delete`)? Pricing model? -2. GA date: dependent on Phase 32 completion — any updated ETA? -3. First design partner: is there a named partner in the pipeline we can use as a reference in the onboarding guide? -4. Rate limits: what are the per-key rate limits? Do limits vary by tier? -5. Key rotation: are partner keys rotatable, or is rotation a delete + recreate? - ---- - -## Competitive Context - -No direct competitor has a published Partner API Key program at the agent orchestration layer. CrewAI and AutoGen focus on developer-seat pricing. LangGraph Cloud uses per-user licensing with no partner provisioning tier. This is a first-mover opportunity to own the "agent platform-as-a-backend" positioning before the category standardizes. - -**Risk:** If AWS/GCP/Azure absorb agent orchestration into their managed AI platforms (Phase 30 risk, tracked in ecosystem-watch), the partner platform channel may shift to OEM relationships rather than API-key-based reselling. Monitor for cloud provider announcements. diff --git a/docs/marketing/briefs/2026-04-22-phase30-pmm-positioning.md b/docs/marketing/briefs/2026-04-22-phase30-pmm-positioning.md deleted file mode 100644 index f5cb46c7..00000000 --- a/docs/marketing/briefs/2026-04-22-phase30-pmm-positioning.md +++ /dev/null @@ -1,103 +0,0 @@ -# Phase 30 PMM Positioning — Response to SEO Brief #1126 Questions - -> **Context:** SEO Analyst filed brief #1126 for Remote Workspaces campaign. Acceptance criteria specified "Coordinate with PMM (issue #1116) on positioning language." PMM Slack: "Phase 30 position holding." No PMM response received yet. Content Marketer answers based on approved copy + internal/product docs. -> **Author:** Content Marketer (self-prompted — no PMM input available this cycle) -> **Date:** 2026-04-22 -> **Status:** DRAFT — for PMM review before social copy goes live - ---- - -## Q1: Primary message — "One canvas, every agent" or "Deploy agents anywhere"? - -**Recommendation:** Both — layered approach: - -- **Headline (social/digital):** "One canvas, every agent." — fleet visibility is the emotional hook. It's visually true (the Canvas shows the whole org) and differentiated (competitors don't have this). -- **Sub-message (docs/SEO):** "Deploy agents anywhere, manage them from one place." — deployment flexibility is the practical hook for the informational/search audience. - -**Rationale from internal/product/overview.md:** Molecule AI's primary abstraction is the *workspace role*, not a task graph. The canvas shows that clearly. Social copy should lead with that differentiator. SEO content should lead with the practical deployment flexibility. - -**Approved social copy confirms this:** -- Fly Deploy Anywhere: leads with deployment flexibility (three backends, one config change) -- Remote Workspaces social copy: leads with fleet visibility ("Your whole agent team, on one canvas") -- Org API Keys: leads with operational control (audit trail, revocation) - ---- - -## Q2: Competitive framing — LangChain Agents, CrewAI, OpenAI agent SDK? - -**Positioning lines that hold:** - -1. **"Runtime agnostic by design"** — LangChain and CrewAI are tied to their own graph/DAG execution model. Molecule AI workspaces run LangGraph, Claude Code, CrewAI, AutoGen, OpenClaw, DeepAgents behind the same workspace contract. Approved copy across 8 campaigns confirms this is real. - -2. **"A2A is solved. A2A governance is not."** — A2A Enterprise approved copy leads with this frame. LangGraph shipped A2A client (PRs #6645 and #7113) but has no audit trail, no org attribution, no revocation. This is the clearest competitive gap. - -3. **"Fleet visibility by default"** — Canvas shows the org chart. No competitor has this out of the box. - -**Do NOT say:** -- "better than [competitor]" without data -- benchmark numbers — none are confirmed -- "only platform with X" unless sourced - -**LangGraph specific (from A2A Enterprise approved copy):** -- Factual only: "LangGraph ADR validates that A2A is becoming table stakes." — don't spin this as criticism. -- Attribution: cite PR numbers (#6645, #7113) — these are public facts. - ---- - -## Q3: Primary audience — infra lead, developer, or platform team? - -**Split by channel:** - -| Channel | Primary audience | Why | -|---------|-----------------|-----| -| X (social) | Platform engineers, DevOps | Operational pain (Admin_token rotation, CI/CD integration) | -| LinkedIn | Enterprise AI leads, CTOs | Governance, audit trail, org-scale control | -| SEO/docs | Developers, infra teams | How-to, self-hosted setup, remote agent registration | -| Blog | Evaluators, technical decision-makers | Comprehensive feature + differentiation | - -**From internal/product/overview.md:** Molecule AI targets teams running heterogeneous agent fleets. The buyer is a platform lead or infra engineer who needs to manage agents across environments. - ---- - -## Q4: Pricing/availability — all tiers or specific plan? - -**Positioning depends on what is actually GA:** - -- Phase 30 workspaces (remote agents, bearer tokens, A2A) — **GA as of 2026-04-20** per phase30-launch-calendar.md -- Phase 32 cloud SaaS (Stripe Atlas billing) — **IN PROGRESS**, load test pending, ~2wk lead on Atlas -- Phase 33 — **NOT LOCKED**, no GA date confirmed - -**Safe CTA language (confirmed GA only):** -- "Workspaces on Docker, Fly Machines, or your own cloud — same agent code" -- "Org API keys. Audit trail. Instant revocation." -- "Every Molecule AI workspace is an A2A server." - -**Do NOT say:** -- "available on all plans" — this hasn't been confirmed by PM -- specific pricing tiers -- "Phase 33 ships next" — date not locked - ---- - -## Q5: Campaign coordination — any spacing or sequencing rules? - -**From approved social copy + posting-guide.md:** - -| Day | Campaign | Don't post same day as | -|-----|----------|----------------------| -| Apr 21 | Chrome DevTools MCP | Fly Deploy Anywhere | -| Apr 22 | Discord Adapter Day 2 (Reddit/HN) | — | -| Apr 23 | Org API Keys | — | -| Apr 23 | A2A Enterprise | — | -| Apr 24 | EC2 Instance Connect SSH | — | -| Apr 25 | MCP Server List | — | -| Apr 17+ | Fly Deploy Anywhere | Chrome DevTools MCP Day 1 | - -**Cross-campaign links (intentional stacking):** -- Discord Adapter → links to Org API Keys (shared governance/A2A theme) -- Fly Deploy Anywhere → naturally cross-links to Chrome DevTools MCP (both self-hosted angle) -- EC2 Instance Connect SSH → platform engineering audience, stacks with Org API Keys - ---- - -*Content Marketer — 2026-04-22. PMM to review and confirm or revise before social copy is finalized.* diff --git a/docs/marketing/briefs/2026-04-22-phase32-observability-angle-brief.md b/docs/marketing/briefs/2026-04-22-phase32-observability-angle-brief.md deleted file mode 100644 index 8149c19e..00000000 --- a/docs/marketing/briefs/2026-04-22-phase32-observability-angle-brief.md +++ /dev/null @@ -1,83 +0,0 @@ -# Phase 32 SaaS — Observability Angle Brief (Content Marketer) -**Date:** 2026-04-22 -**Status:** DRAFT — for future social copy when Phase 32 GA is confirmed -**Context:** Social Media Brand flagged this angle from PLAN.md. Phase 32 is still hardening — not ready to post. - ---- - -## The Observability Story - -Phase 32 ships Molecule AI as a multi-tenant cloud SaaS. The observability layer built into the platform is a genuine enterprise differentiator — it's not an add-on, it's structural. - -**What makes this worth a campaign:** -1. Every cross-agent A2A call is logged (Phase 30.5 — in prod since Apr 20) -2. Activity logs capture: caller, callee, method, timestamp, result, error detail -3. `/traces` endpoint surfaces Langfuse traces per workspace (Phase 10 — since Phase 10) -4. Token-level attribution: `org:keyId` prefix on every API call (Phase 30 / Org API Keys) -5. Admin observability: `/events` endpoint, per-workspace activity, delegation history - -**The positioning frame:** -> "When something goes wrong in your agent team, can you answer: which agent did what, when, and with what result?" - -Most agent platforms can't answer this. Molecule AI built the answer into the platform from Phase 10 onward. - ---- - -## What's Confirmed GA (post to this) - -| Feature | Phase | GA Date | -|---------|-------|---------| -| Activity logs (A2A + task + error) | Phase 10 | Shipped | -| Langfuse traces per workspace | Phase 10 | Shipped | -| Token attribution (`org:keyId`) | Phase 30 | 2026-04-20 | -| Audit log export | Org API Keys | Live on staging | -| `/traces` endpoint | Phase 10 | Shipped | - ---- - -## Phase 32-Specific (not GA until hardening complete) - -| Feature | Status | Notes | -|---------|--------|-------| -| CloudTrail records for EC2 Instance Connect | ✅ Shipped | AWS-native, per-workspace | -| Per-tenant resource quotas | ⏳ Phase G | Observability → control loop | -| Langfuse on cloud SaaS | ⏳ Phase G | observability + quotas | -| Status page custom domain | ⏳ Phase H | `status.moleculesai.app` pending | -| Load test | ⏳ Phase H | Before external user launch | - ---- - -## Do NOT Post Until - -- Load test complete -- Stripe Atlas (~2wk lead) — social gate per phase30-launch-plan.md -- Status page live at custom domain -- These confirmed by PM - ---- - -## Draft Social Frame (for when Phase 32 clears) - -**Hook:** "Your AI agent team just did something. Can you prove it?" - -**Post 1 (the problem):** -Most AI agent platforms give you zero visibility into what your agents actually did. -No logs. No traces. No audit trail. -When something goes wrong, you're debugging blind. - -**Post 2 (what Molecule AI ships):** -Every cross-agent call logged. -Every API call attributed to an org key. -Every trace visible in Langfuse. -Workspace-level activity logs. Admin-level event export. - -If your compliance team asks "which agent touched what," you can answer from the platform — not from guessing. - -**Post 3 (EC2 Instance Connect + observability):** -Molecule AI's Terminal tab routes through AWS EC2 Instance Connect Endpoint. -The session is AWS-signed, ephemeral, and CloudTrail-recorded. -Your platform team gets a shell. Your security team gets the audit log. Same tool. - ---- - -*Content Marketer — 2026-04-22. Not ready to publish until Phase 32 hardening complete.* diff --git a/docs/marketing/briefs/2026-04-23-pr1686-tool-trace-platform-instructions-positioning.md b/docs/marketing/briefs/2026-04-23-pr1686-tool-trace-platform-instructions-positioning.md deleted file mode 100644 index 528f00ac..00000000 --- a/docs/marketing/briefs/2026-04-23-pr1686-tool-trace-platform-instructions-positioning.md +++ /dev/null @@ -1,82 +0,0 @@ -# PR #1686 Positioning Brief: Tool Trace + Platform Instructions - -**Source:** PR #1686 — `feat: tool trace + platform instructions` -**Date:** 2026-04-23 -**Author:** PMM -**Status:** Draft — for internal review before announcement - ---- - -## Target Buyer - -**Primary:** Platform Engineering / DevOps leads (80% of value) -**Secondary:** Enterprise IT / Security Governance leads (Platform Instructions) - -Platform teams own the agent runtime and are the first to get paged when an agent goes off-script. They need built-in observability, not bolt-on stitching. Enterprise IT and compliance teams care about the governance angle — system-prompt rules that enforce behavior before an agent runs, not after it has already done something unintended. - ---- - -## Primary Value Prop - -> **Tool Trace** gives every A2A response a complete, run_id-paired execution record — so platform teams can trace what every agent actually did, without wiring up a third-party SDK. - -> **Platform Instructions** lets workspace admins enforce system-prompt rules at startup — so governance happens before the agent runs, not after an incident. - ---- - -## Competitive Angle - -**vs. Langfuse / Helicone / separate observability pipelines:** -Third-party LLM observability tools require instrumentation in every agent: SDK installs, API key management, proxy configuration, and a separate vendor relationship. Tool Trace ships the execution record inside every A2A message and stores it in `activity_logs` — no extra pipeline, no separate pane of glass. For teams already on Molecule, it's zero-lift observability. - -Langfuse/Helicone remain stronger for *cross-platform, multi-model* observability (tracking OpenAI + Anthropic + self-hosted in one view). That's not Molecule's fight. The positioning here is: "If you're already running agents on Molecule, you already have enterprise-grade trace — turn it on, don't integrate it." - -**vs. Hermes native tool tracing:** -Hermes traces individual model calls. Tool Trace traces *agent behavior* — the A2A-level sequence of tool calls and responses across the full task lifecycle. Different layer of the stack. Tool Trace is additive, not competitive. - -**vs. policy-as-code tools (OPA, Sentinel):** -Platform Instructions enforces behavioral guardrails at the system-prompt level. Policy engines enforce runtime resource access. They complement; Platform Instructions is earlier in the chain (pre-execution vs. during-execution). - ---- - -## Key Differentiator - -Tool Trace and Platform Instructions are **platform-native** — not plugins, not third-party SDKs, not configuration-as-code you have to maintain. They live where the agent runs: inside the workspace startup path and inside every A2A message envelope. There's nothing to install, no API key to rotate, no version drift to manage when the agent framework updates. - -Third-party observability and governance tooling always has a lag between "agent framework ships a new behavior" and "our integration captures it." Native trace and prompt-level instructions have no lag — they are the platform. - ---- - -## Objection Handlers - -**O1: "We already use Datadog / Langfuse / Splunk for this."** -That's fine for cross-platform, multi-model environments. Tool Trace captures *A2A-level* agent behavior — tool calls, input/output previews, run_id-paired sequences — that generic LLM observability pipelines typically miss or flatten. Think of it as your Molecule-specific layer inside your existing observability stack. It doesn't replace Datadog; it enriches it. - -**O2: "Why enforce system-prompt rules at the platform level instead of in code?"** -Because code changes require a deployment, and governance that requires a deployment is governance that only happens at the next release cycle. Platform Instructions are workspace-scoped rules that take effect at startup — a platform team or IT admin can update agent behavior without touching application code or triggering a redeploy. Speed of governance matters. - ---- - -## Overlap / Conflict Notes - -| Existing Feature | Relationship | -|-----------------|--------------| -| Org-scoped API keys (#1105) | Different layer: API key auth vs. agent behavior/prompt. Tool Trace traces what agents *do* with the keys; org keys control *who gets* the keys. Not cannibalization — complementary. | -| Audit trail visualization panel (#759) | Tool Trace is the raw execution record; the audit trail panel is the compliance UI on top of it. Tool Trace feeds the audit trail. Not competitive — dependency. | -| Snapshot secret scrubber (#977) | Both platform observability. Secret scrubber is about data posture; Tool Trace is about behavior. No conflict. | - -**Cannibalization risk: LOW.** Tool Trace and Platform Instructions occupy the observability/governance vertical that existing features touch from different angles — no direct overlap, strong adjacency. - ---- - -## CTA - -**For platform teams:** "Enable activity log tracing for your workspace — every A2A task now has a complete execution record, no SDK required." -**For enterprise IT:** "Set workspace-level system prompt rules to enforce behavioral guardrails before agents run. No code deploy required." -**Combined anchor:** "Molecule gives you observability and governance as platform primitives — not afterthought integrations." - ---- - -## Recommended Announcement Angle - -Lead with the platform-native story, not the feature list. The headline is: *"Molecule agents now come with built-in execution tracing and governance — nothing to integrate."* Avoid leading with "Tool Trace" as a feature name in top-level copy; use "execution tracing" or "agent observability" for broader appeal. diff --git a/docs/marketing/briefs/cloudflare-artifacts-positioning.md b/docs/marketing/briefs/cloudflare-artifacts-positioning.md deleted file mode 100644 index 1919bfbb..00000000 --- a/docs/marketing/briefs/cloudflare-artifacts-positioning.md +++ /dev/null @@ -1,115 +0,0 @@ -# Cloudflare Artifacts — PMM Positioning Brief -**Source:** PR #641, merged 2026-04-17 | Blog: `docs/marketing/blog/2026-04-21-cloudflare-artifacts-integration.md` -**Issue:** #1174 | **Status:** PMM DRAFT | **Date:** 2026-04-23 -**Owner:** PMM | **Blocking:** none — feature shipped, ready for social - ---- - -## Positioning Decision - -**Use "Git for agents" as the headline metaphor — with qualification.** - -Cloudflare's own beta announcement uses "Git for agents." It's the right hook because developers immediately understand what it means and why it matters. Leading with it is accurate and immediately differentiating. - -The qualification: this is Git *plus* the agent primitives that make it agent-native. Automated commits (no human in the loop), API-first branching, ephemeral short-lived credentials, canvas-native integration. It's not Git with a chat interface — it's version control designed for stateless agents. - -**Recommended headline:** "Give your agents a Git history — without touching a terminal." - ---- - -## Buyer Profile - -**Primary:** Platform engineers and DevOps leads evaluating AI agent platforms. They have agents running in production, they're managing agent state manually or not at all, and they need version control they can instrument. They're not necessarily Git experts — they're the people who inherited the AI agent rollout. - -**Secondary:** Enterprise security and compliance teams. They need audit trails on agent actions. A versioned snapshot system with immutable commits is a concrete answer to "what did the agent change?" — without requiring agents to write human-readable commit messages. - -**Not the audience:** Developers who want Git workflows in their own IDE. This isn't replacing GitHub for human developers — it's giving agents a version history that humans can audit and roll back. - ---- - -## Use Cases - -### Use Case 1: Multi-agent pipelines without manual handoff -Two agents, same task. Agent A writes a feature branch. Agent B reviews and approves. You merge. No Slack threads asking "did the research agent finish?" No copy-pasting outputs between workspaces. - -### Use case 2: Crash recovery without starting over -An agent crashes mid-task. With versioned snapshots, the last checkpoint is a Git commit. The next agent to pick up the task starts from a diff, not a blank workspace. - -### Use case 3: Experimentation without risk -Agents trying something risky can fork a branch first. If it fails, delete the fork. The main branch is clean. No "oops, can you revert that?" in the team Slack. - ---- - -## Top 2 Buyer Objections - -### Objection 1: "Why not just use GitHub? Agents can call `git commit`" -**Likely buyer:** Platform engineers with existing GitOps workflows. - -**The problem with this objection:** `git commit` requires a Git repo on disk, human-readable messages, and a human in the loop to resolve conflicts. Agents don't naturally produce well-structured commits. And "just use GitHub" means agents need credentials, network access, and a configured remote — which creates a dependency you have to manage. - -**Recommended response:** -Git was designed for humans. Agents need version control that works without a human in the commit loop — automatic snapshots, API-first branching, ephemeral credentials that never get stored. Cloudflare Artifacts gives agents their own versioned storage without requiring Git credentials on every agent instance. The four API operations (`POST /artifacts/repos`, `fork`, `import`, `tokens`) are agent-native — no terminal, no commit messages, no credential management. - -If you want agents to contribute to a shared Git repo, they can — `POST /artifacts/repos/:name/import` bootstraps from any Git URL. But they don't need to in order to have a useful version history. - ---- - -### Objection 2: "Cloudflare Artifacts is in beta — we can't bet production infrastructure on a beta service" -**Likely buyer:** Enterprise ops leads, security teams. - -**The problem with this objection:** The risk is real but the framing is wrong. Cloudflare Artifacts is beta on Cloudflare's side, but the integration inside Molecule AI is designed to fail gracefully — if Artifacts is unavailable, agents fall back to local workspace state. The version history is an enhancement, not a hard dependency. - -**Recommended response:** -The feature is additive, not a hard dependency. If Cloudflare Artifacts is unavailable, agents continue working with local filesystem state — no outage, no degraded mode. Cloudflare is a large, stable infrastructure provider with a documented beta SLA. For teams that need production guarantees, this is worth evaluating alongside the rest of the Cloudflare Workers ecosystem. If Cloudflare Artifacts goes GA, the integration is already live. - ---- - -## GA Status - -**Feature is shipped (PR #641 merged 2026-04-17).** - -Cloudflare Artifacts is in public beta on Cloudflare's side. Molecule AI's integration is live. The feature is available to users with a Cloudflare API token and Artifacts namespace configured. - -**No separate GA date needed from Molecule AI's side** — the integration doesn't have its own launch milestone, it's a feature within the existing platform. Social copy can proceed without a GA date announcement. - -**Caveat:** If Cloudflare promotes Artifacts from beta, the messaging should shift from "Git for agents (beta)" to "Git for agents — now GA." Track Cloudflare's announcement channel for Artifacts GA. - ---- - -## Competitive Angle - -**No other AI agent platform has a Cloudflare Artifacts integration as of 2026-04-17.** This is a first-mover claim. Verify before publishing — if a competitor ships before the launch post goes live, update to "first to integrate" rather than "only platform with." - -Monitor: LangGraph, CrewAI, AutoGen GitHub repos for Artifacts or CF Workers integration commits. - ---- - -## Collateral Status - -| Asset | Owner | Status | -|-------|-------|--------| -| Blog post | Content Marketer | Shipped (2026-04-21) | -| Social launch thread | Social Media Brand | Blocked on brief (this doc) | -| DevRel demo | DevRel Engineer | Unknown | -| Docs page | DevRel | Shipped (`docs/guides/cloudflare-artifacts`) | -| Battlecard entry | PMM | Add to Phase 34 battlecard | - ---- - -## Recommended Social Angle (for Social Media Brand) - -Thread opener: "Your AI agent just deleted three hours of work. Here's why that doesn't have to happen again." - -Lead with the pain story. The technology is the answer, not the hook. Close with the CTA to the blog post. - ---- - -## Update Triggers - -- Cloudflare Artifacts GA announced → update from "beta" to "GA" framing -- Any competitor ships Cloudflare Artifacts integration → update competitive claim to "first to integrate" -- PR or issue filed about Artifacts user experience → update objections section - ---- - -*PMM draft 2026-04-23 — ready for Social Media Brand* diff --git a/docs/marketing/briefs/phase34-messaging-matrix.md b/docs/marketing/briefs/phase34-messaging-matrix.md deleted file mode 100644 index 20730d2f..00000000 --- a/docs/marketing/briefs/phase34-messaging-matrix.md +++ /dev/null @@ -1,100 +0,0 @@ -# Phase 34 — Taglines + Messaging Matrix -**Feature group:** Partner API Keys, Tool Trace, Platform Instructions, SaaS Federation v2 -**GA date:** April 30, 2026 -**Owner:** PMM | **Status:** INTERNAL DRAFT -**Last updated:** 2026-04-23 - ---- - -## 3 Candidate Taglines - -### Tagline A — Production-grade (emphasizes enterprise reliability) -> **"Production-grade AI agents. Nothing to bolt on."** - -**Use for:** Press releases, homepage hero, paid placements, enterprise sales decks. -**Why it works:** Directly addresses the enterprise buyer's #1 objection — "this is great for prototypes but can I run it in production?" — without overclaiming features. "Nothing to bolt on" is a dig at competitors (LangGraph, CrewAI) that require Langfuse, Helicone, or custom observability pipelines. - ---- - -### Tagline B — Observability/visibility (emphasizes transparency) -> **"See exactly what your AI agents did. Every tool. Every call. Every time."** - -**Use for:** DevOps-focused channels, technical blog intros, SOC 2 / compliance audience, tool trace launch announcement. -**Why it works:** Speaks directly to the platform engineering persona — the person who gets paged at 2am when something breaks. "Every tool. Every call. Every time." is specific and falsifiable, which builds credibility with technical audiences. It names the feature (Tool Trace) without making it a product name. - ---- - -### Tagline C — Aspirational (emphasizes enterprise enablement) -> **"Your AI fleet. Your rules. Your cloud."** - -**Use for:** LinkedIn, enterprise social, brand campaigns, vision statements. -**Why it works:** Three short declarative sentences that speak to three distinct buyer anxieties: managing at scale ("fleet"), controlling behavior ("rules"), and infrastructure autonomy ("your cloud"). Works for Platform Instructions, Partner API Keys, and SaaS Federation v2 simultaneously — it's a Phase 34 group tagline, not a single-feature tagline. - ---- - -## Messaging Matrix — 4 Features - ---- - -### Feature 1: Partner API Keys (`mol_pk_*`) - -| | | -|--|--| -| **Pain it solves** | Partner platforms, CI/CD pipelines, and marketplace resellers cannot programmatically provision or manage Molecule AI orgs — they must use browser sessions or build custom integrations from scratch. This makes Molecule AI unembeddable for any platform that wants to offer agent orchestration as a feature. | -| **Who cares** | Platform integrations engineers, DevRel leads building partner ecosystems, CI/CD DevOps teams, marketplace listing owners (AWS/GCP Marketplace) | -| **One-liner** | Programmatic org provisioning via API — no browser required, no manual handoff. | -| **Proof point** | `POST /cp/admin/partner-keys` creates a fully configured org with one API call. Keys are scoped to the org they create, rate-limited, revocable with `DELETE /cp/admin/partner-keys/:id`. Ephemeral CI test orgs: `POST` → run tests → `DELETE` → clean billing. | -| **HN/Reddit framing** | "Molecule AI now lets partners provision orgs via API — the same week Acme Corp [design partner, placeholder] ships their integration." Do NOT claim GA. Use "beta" or "now available." | -| **What to soft-pedal** | Specific partner tiers and pricing (PM not confirmed). Marketplace billing integration status (PM to confirm). Do not mention "Acme Corp" in published copy. | - ---- - -### Feature 2: Tool Trace - -| | | -|--|--| -| **Pain it solves** | When an agent breaks in production, teams have no structured record of what it did — only the final output. Reverse-engineering from outputs is slow, error-prone, and impossible to automate. Third-party observability tools (Langfuse, Helicone, Datadog) miss A2A-level agent behavior and require SDK instrumentation. | -| **Who cares** | Platform engineers, DevOps leads, SREs, enterprise IT debugging production incidents | -| **One-liner** | Built-in execution tracing for every A2A task — no SDK, no sidecar, no sampling. | -| **Proof point** | `tool_trace[]` in every `Message.metadata` — array of `{tool, input, output_preview, run_id}` entries. Entries written to `activity_logs.tool_trace` as JSONB. run_id pairs concurrent calls so parallel traces don't merge. Platform-native: ships with the A2A response, no instrumentation required. | -| **HN/Reddit framing** | Lead with the developer experience: "Tool Trace ships today in Molecule AI. Every agent turn now includes a structured record of every tool called — inputs, output previews, run_id-paired for parallel calls." Be honest: this is a beta feature. | -| **What to soft-pedal** | Technical implementation details (run_id pairing schema, JSONB storage format). Overlap with Langfuse/Helicone — frame as complementary, not competitive. | - ---- - -### Feature 3: Platform Instructions - -| | | -|--|--| -| **Pain it solves** | Agent governance that only filters outputs after the agent has already acted is governance that failed. Enterprise IT and compliance teams need to shape agent behavior *before* the first token is generated — without requiring a code change or deployment. | -| **Who cares** | Enterprise IT, Security/Compliance leads, Platform Engineering, CISO office | -| **One-liner** | Enforce org-wide agent governance at the system prompt level — before the first turn, not after an incident. | -| **Proof point** | Platform Instructions prepends workspace-scoped rules to the system prompt at startup. Two scopes: global (every workspace in the org) and workspace-specific. Rules take effect before the first agent turn — not after. Policy update requires no code deploy, no agent restart, no application change. | -| **HN/Reddit framing** | Frame as "the missing governance layer for production agents." Avoid overclaiming compliance certifications. Do not compare directly to OPA/Sentinel — say "complements runtime policy engines" not "replaces them." | -| **What to soft-pedal** | Overlap with the existing audit trail panel (Issue #759) — they are complementary (Tool Trace feeds the audit trail). Don't let buyers think they have to choose. Specific policy examples until PM confirms which are GA-ready. | - ---- - -### Feature 4: SaaS Federation v2 - -| | | -|--|--| -| **Pain it solves** | Enterprises and marketplaces that need to offer agent orchestration to multiple end-customers (tenants) cannot do so safely with a single-tenant architecture: cross-tenant data isolation, centralized billing, org-level access control, and per-tenant audit trails are all required for enterprise procurement. | -| **Who cares** | Enterprise procurement, IT procurement teams, marketplace operators, SaaS resellers, multi-tenant ISVs | -| **One-liner** | Multi-tenant agent platform with cross-tenant isolation, centralized billing, and org-level governance — built for enterprises and marketplaces. | -| **Proof point** | SaaS Federation v2 tutorial at `docs/tutorials/saas-federation` (PR #1613). Org-scoped keys + control plane boundary. Isolated per-tenant workspaces with centralized admin view. | -| **HN/Reddit framing** | ⚠️ **WARNING:** SaaS Federation v2 is listed in Issue #1836 as a Phase 34 feature, but no PMM positioning brief or blog post exists for it yet. Do NOT draft community copy for this feature until PM confirms: (a) what it actually ships, (b) the GA/beta/alpha label, and (c) the primary use case narrative. Current content gap — not ready for external copy. | -| **What to soft-pedal** | Until PM confirms details, do not publish any claims about SaaS Federation v2. | - ---- - -## Feature Cross-Sell Angles - -**Phase 30 → Phase 34 linkage (for sellers):** -> "Phase 30 shipped per-workspace auth tokens (`mol_ws_*`). Phase 34 ships partner-level keys (`mol_pk_*`). Together, Molecule AI is the only platform with workspace-level isolation *and* partner-level scoping — enterprise-ready from day one." - -**Governance stack (Platform Instructions + Tool Trace):** -> "Platform Instructions shapes what agents do *before* they run. Tool Trace records what they did *after*. Together: governance before, observability after. Nothing leaves production unaccounted for." - -**Partner platform stack (Partner API Keys + SaaS Federation v2 + Platform Instructions):** -> "Provision tenants via API. Isolate them in a multi-tenant control plane. Govern their behavior at the system prompt level. Revoke access in one call. That's a complete partner platform — not a collection of features." diff --git a/docs/marketing/briefs/phase34-positioning.md b/docs/marketing/briefs/phase34-positioning.md deleted file mode 100644 index db0ab24d..00000000 --- a/docs/marketing/briefs/phase34-positioning.md +++ /dev/null @@ -1,87 +0,0 @@ -# Phase 34 — Positioning One-Pager -**Feature group:** Partner API Keys, Tool Trace, Platform Instructions, SaaS Federation v2 -**GA date:** April 30, 2026 -**Status:** INTERNAL DRAFT — for PMM review and press kit use -**Owner:** PMM -**Last updated:** 2026-04-23 - ---- - -## One-Sentence Positioning Statement - -Molecule AI Phase 34 gives enterprise teams the platform-native primitives — programmable access, built-in observability, and pre-execution governance — required to run AI agents in production, without the bolt-on integrations that add latency, maintenance burden, and security gaps. - ---- - -## Target Audience - -| | Role | What they care about | -|--|------|----------------------| -| **Primary** | Platform Engineering / DevOps leads | Shipping reliable agent infrastructure: observability, CI/CD integration, multi-environment support | -| **Primary** | Enterprise IT / Security Governance | Controlling agent behavior before it happens: policy enforcement, audit trails, compliance | -| **Secondary** | Partner / Marketplace integrations engineers | Embedding Molecule AI as the orchestration layer for their platform or marketplace | -| **Secondary** | Developer advocates / DevRel | Demonstrating enterprise-grade capabilities to prospective enterprise buyers | - ---- - -## Problem We Solve - -Enterprise teams adopting AI agents face three compounding failures at once: - -1. **Observability gaps** — Agents run and produce outputs, but teams have no structured record of *what the agent actually did*: which tools it called, with what inputs, in what order. Debugging is reverse-engineering from outputs. Cross-platform observability (Langfuse, Datadog) adds a pipeline but misses A2A-level agent behavior. - -2. **Governance gaps** — Agent behavior policies are enforced *after* the agent has already acted — filtering outputs, blocking writes post-hoc. Governance that only works after the fact is governance that failed. Enterprise IT and compliance teams need controls that shape behavior *before* the first token is generated. - -3. **Integration gaps** — Platforms that want to embed agent orchestration programmatically face a choice between building it themselves (months of work) or using browser sessions (brittle, non-programmatic). CI/CD teams need ephemeral test orgs per PR. Neither is solved by existing agent platforms. - ---- - -## Our Solution — Phase 34 Angle - -Phase 34 ships four features that address each failure at the platform layer — not as integrations, not as SDKs, not as post-hoc configuration: - -- **Partner API Keys** (`mol_pk_*`) — Scoped, revocable API tokens that let partner platforms, CI/CD pipelines, and marketplace resellers programmatically provision and manage Molecule AI orgs. No browser. No manual handoff. -- **Tool Trace** — `tool_trace[]` in every A2A `Message.metadata`. A structured, run_id-paired execution record: tool name, inputs, output previews, timing. No SDK, no sidecar, no sampling. -- **Platform Instructions** — Workspace-scoped system prompt rules that take effect at startup. Governance happens before the first turn, not after an incident. -- **SaaS Federation v2** — Multi-tenant control plane architecture: isolated orgs, cross-tenant guardrails, centralized billing for enterprise and marketplace deployments. - -**The Phase 34 angle:** These four features work together. A partner platform provisions an org via Partner API Keys, configures Platform Instructions for their tenants, gets full observability via Tool Trace, and operates it all inside a SaaS Federation v2 multi-tenant control plane. This is a coherent enterprise stack — not four unrelated features. - ---- - -## Key Differentiators vs. Competitors - -| Differentiator | LangGraph Cloud | CrewAI | Molecule AI Phase 34 | -|---------------|----------------|--------|----------------------| -| Built-in agent observability (no SDK) | ❌ | ❌ | **✅ Tool Trace** | -| Pre-execution governance (system prompt level) | ❌ | ❌ | **✅ Platform Instructions** | -| Programmatic partner org provisioning | ❌ (seat licensing only) | ❌ (marketplace listing only) | **✅ Partner API Keys** | -| CI/CD-native ephemeral orgs | ❌ | ❌ | **✅ Partner API Keys + CI/CD example** | -| Multi-tenant SaaS control plane | ❌ | ❌ | **✅ SaaS Federation v2** | -| A2A-native protocol | ✅ (in-progress, Q2-Q3 2026) | ❌ | **✅ live today** | - -**Counter-framing for sellers:** -> "LangGraph Cloud and CrewAI are end-user platforms. Molecule AI is infrastructure your platform builds on — with the governance and observability built in, not bolted on." - ---- - -## Proof Points - -| Claim | Evidence | -|-------|----------| -| Molecule AI is the only agent platform with built-in execution tracing | `tool_trace[]` in `Message.metadata` — no SDK, no sidecar. LangGraph and CrewAI require Langfuse/Helicone instrumentation. | -| Platform Instructions enforce governance before agents run | Workspace startup path prepends rules to system prompt. Policy takes effect before first token generated. | -| Partner API Keys enable programmatic org provisioning | `POST /cp/admin/partner-keys` creates orgs via API. Keys are SHA-256 hashed, org-scoped, rate-limited, revocable via `DELETE`. | -| Ephemeral test orgs per PR are fully automated | CI/CD example in partner onboarding guide: `POST` create → run tests → `DELETE` teardown. No manual cleanup, no shared-state contamination. | -| SaaS Federation v2 enables multi-tenant isolation | Tutorial at `docs/marketing/launches/pr-1613-saas-federation-v2.md`. Org-scoped keys + control plane boundary. | -| Design partner (Acme Corp) validates enterprise readiness | Acme Corp integration (design partner, name pending PM confirmation). Reference use case: partner-provisioned orgs for Acme's customer base. | - ---- - -## Internal Use Notes - -- Partner API Keys are **BETA** — do not claim GA in press materials. Use "now available in beta" or "shipping April 30, 2026." -- Tool Trace and Platform Instructions shipped via PR #1686 — **BETA**. -- SaaS Federation v2 — **BETA** or **EARLY ACCESS**, pending PM label confirmation. -- Do not use "Acme Corp" in any externally published copy — placeholder only. Confirm partner name with PM before press release. -- Phase 30 linkage: Phase 30 shipped `mol_ws_*` (per-workspace auth). Phase 34 extends to `mol_pk_*` (partner-level keys). Cross-sell: "Phase 30 workspace isolation + Phase 34 partner scoping — the only platform with both." diff --git a/docs/marketing/campaigns/a2a-enterprise-deep-dive/social-copy.md b/docs/marketing/campaigns/a2a-enterprise-deep-dive/social-copy.md deleted file mode 100644 index 3ec85641..00000000 --- a/docs/marketing/campaigns/a2a-enterprise-deep-dive/social-copy.md +++ /dev/null @@ -1,106 +0,0 @@ -# A2A Enterprise Deep-Dive — Social Copy -**Source:** `docs/blog/2026-04-22-a2a-v1-agent-platform/index.md` (staged, approved) -**Status:** APPROVED (PMM — 72h window, Marketing Lead offline) -**Blog slug:** `a2a-enterprise-any-agent-any-infrastructure` -**Key angle:** "A2A is solved. A2A governance is not." -**Campaign:** A2A Enterprise Deep-Dive | Phase 30 T+1 -**Owner:** PMM | **Executor:** Social Media Brand -**OG image:** `docs/assets/blog/2026-04-22-a2a-enterprise-og.png` (VERIFY — file not found in workspace assets, use `marketing/assets/phase30-fleet-diagram.png` as fallback) - -**Git branch note:** This file is on `staging` branch — not committed to origin/main. For execution on origin/main, copy must be cherry-picked or the branch switched. Confirm executor has staging access. - ---- - -## X Post 1 — The Protocol Moment (lead hook) -``` -A2A v1.0 shipped March 12. 23.3k stars. Five official SDKs. 383 implementations. - -That's the moment the agent internet gets a standard. - -The question isn't whether your platform supports it — it's whether it was built for it or added on top. - -Molecule AI: built for it from day one. - -#A2A #MultiAgent #AIAgents -``` - ---- - -## X Post 2 — Native vs. Added (governance differentiator) -``` -Most platforms add A2A as a feature layer on top of existing architecture. - -Molecule AI: A2A is the operating system. The org chart is the routing table. Per-workspace auth tokens are enforced on every call — not conventions a misconfigured integration can bypass. - -That's the difference between bolted-on and built-in. - -#A2A #EnterpriseAI #AgentGovernance -``` - ---- - -## X Post 3 — Code proof (technical credibility) -``` -You can register an external agent on Molecule AI in under 100 lines. - -One POST to register. A heartbeat loop. That's it. -Agents stay where they are — on-prem, AWS, GCP — and join the fleet canvas. - -No VPN. No custom integration. Just A2A. - -#A2A #DevOps #MultiAgent -``` - ---- - -## X Post 4 — Enterprise buyer close (audit + governance) -``` -For production AI agent fleets, A2A compatibility isn't enough. - -You need: -→ Per-workspace auth tokens enforced at every route -→ Audit trail that survives agent migrations -→ Org-level revocation, not integration-level policy - -That's protocol-native governance. Not bolted on. - -#EnterpriseAI #AIAgents #AgentGovernance -``` - ---- - -## LinkedIn Post — Full narrative (100–200 words) -``` -A2A v1.0 shipped March 12, 2026. 23,300 GitHub stars. Five official SDKs. 383 community implementations. - -The agent internet just got a standard. And every AI platform now has to answer the same question: Is A2A something you were built for, or something you added on top? - -Most platforms add it. One platform was built for it from the ground up. - -Molecule AI's A2A implementation is structural — not a feature. Every authenticated route enforces per-workspace bearer tokens. Every agent, whether it runs in the platform's Docker network or on a different cloud, appears on the same fleet canvas with the same audit trail. - -External agents register in under 100 lines of Python. No VPN. No custom integration. Agents stay where they are and join the fleet. - -This is what protocol-native AI agent governance looks like in production — not on a roadmap. - -→ Read the full A2A v1.0 deep-dive: https://docs.molecule.ai/blog/a2a-v1-agent-platform?utm_source=social&utm_medium=linkedin&utm_campaign=a2a-enterprise-deep-dive -→ Register an external agent: https://docs.molecule.ai/docs/guides/external-agent-registration?utm_source=social&utm_medium=linkedin&utm_campaign=a2a-enterprise-deep-dive -``` - ---- - -## Self-Review Checklist -- [x] No benchmarks or performance claims -- [x] No person names -- [x] No timeline claims or dates (other than March 12 A2A ship — fact, not claim) -- [x] No competitor names in copy (cloud provider absorption framed as protocol validation, not attack) -- [x] All claims traceable to blog post source material -- [x] No GA date mentions -- [x] CTA links are canonical Molecule AI domain - ---- - -## Execution Notes -- X credentials gap still open (Social Media Brand blocked). Manual posting workflow applies if credentials not restored. -- Hashtags: `#A2A #MultiAgent #AIAgents #EnterpriseAI #AgentGovernance #DevOps` -- Canonical URL: `docs.molecule.ai/blog/a2a-v1-agent-platform` \ No newline at end of file diff --git a/docs/marketing/campaigns/org-api-keys-launch/social-copy.md b/docs/marketing/campaigns/org-api-keys-launch/social-copy.md deleted file mode 100644 index ca3fdee1..00000000 --- a/docs/marketing/campaigns/org-api-keys-launch/social-copy.md +++ /dev/null @@ -1,97 +0,0 @@ -# Org-Scoped API Keys — Social Copy -**Campaign:** Org-Scoped API Keys | **Blog:** `docs/blog/2026-04-25-org-scoped-api-keys/index.md` -**Canonical URL:** `moleculesai.app/blog/org-scoped-api-keys` -**Status:** APPROVED — URL and asset fixes applied by PMM (2026-04-25 Day 5 pre-publish) -**Owner:** PMM → Social Media Brand | **Launch:** Coordinated with PR #1342 merge - ---- - -## X (140–280 chars) - -### Version A — Security framing -``` -Every integration. One credential. Zero shared secrets. - -Org-scoped API keys: named, revocable, with full audit trail. Rotate without downtime. Attribute every call back to the key that made it. - -Your security team called — this is the answer. -``` - -### Version B — Production use cases -``` -Three things that break at scale with a shared ADMIN_TOKEN: - -1. You can't rotate without downtime -2. You can't tell which agent called your API -3. Compromised token = everything compromised - -Org-scoped keys fix all three. -``` - -### Version C — Developer angle -``` -How to give a CI pipeline its own API key: - -1. POST /org/tokens with a name -2. Store the token (shown once) -3. Done. - -That's it. Named. Revocable. Audited. -``` - -### Version D — Enterprise angle -``` -Replace your shared ADMIN_TOKEN. - -Org-scoped API keys: one per integration, immediate revocation, full audit trail. Rotate without coordinating downtime. - -Tiers: Lazy bootstrap → WorkOS session → Org token → ADMIN_TOKEN (break-glass). - -Security teams love this architecture. -``` - ---- - -## LinkedIn (100–200 words) - -``` -When your engineering team scales from two agents to twenty, a single ADMIN_TOKEN hardcoded in your environment is a single point of failure. - -Org-scoped API keys give every integration its own credential: named, revocable, with full audit trail. Rotate without coordinating downtime across ten agents. Identify exactly which integration called your API. Revoke one key without touching the others. - -The security model: tier-based authentication priority (WorkOS session first, org tokens primary for service integrations, ADMIN_TOKEN as break-glass only). When a request arrives, the platform checks in priority order — and every org API key call is attributed in the audit log with its key prefix and creation provenance. - -Every call traced. Every key revocable. Every rotation zero-downtime. - -Navigate to Settings → Org API Keys in the Canvas, or use the REST API directly. - -→ moleculesai.app/blog/org-scoped-api-keys -``` - ---- - -## Image suggestions - -| Post | Image | Source | -|---|---|---| -| X Version A | `before-after-credential-model.png` — shared key vs org-scoped (red/green table) | `campaigns/org-api-keys-launch/` | -| X Version B | 3-item checklist: Rotate without downtime / Attribute every call / Revoke one key | Custom graphic | -| X Version C | `audit-log-terminal.png` — terminal showing token creation and audit attribution | `campaigns/org-api-keys-launch/` | -| X Version D | Auth tier hierarchy: Lazy bootstrap → WorkOS → Org token → ADMIN_TOKEN (break-glass) | Custom graphic | -| LinkedIn | `canvas-org-api-keys-ui.png` — Canvas Settings → Org API Keys tab | `campaigns/org-api-keys-launch/` | - -**Do NOT use:** `phase30-fleet-diagram.png` — wrong visual for this campaign. - -**CTA URL:** `moleculesai.app/blog/org-scoped-api-keys` *(corrected from `moleculesai.app/blog/deploy-anywhere`)* - ---- - -## Hashtags - -`#MoleculeAI #APIKeys #EnterpriseSecurity #A2A #DevOps #MultiAgent` - ---- - -## UTM - -`?utm_source=linkedin&utm_medium=social&utm_campaign=org-api-keys-launch` diff --git a/docs/marketing/devrel/demos/agents-md-autogen-demo.md b/docs/marketing/devrel/demos/agents-md-autogen-demo.md deleted file mode 100644 index fd8ff603..00000000 --- a/docs/marketing/devrel/demos/agents-md-autogen-demo.md +++ /dev/null @@ -1,121 +0,0 @@ -# AGENTS.md Auto-Generation — Interactive Demo Script -**Issue:** #1172 | **Source:** PR #763 | **Acceptance:** Working demo + 1-min screencast - ---- - -## What This Demo Shows - -1. A workspace with a `role` and `description` in `config.yaml` -2. `generate_agents_md()` called at startup -3. The resulting `AGENTS.md` that peer agents can read -4. A second agent discovering the first via A2A - -**Time:** ~60 seconds | **Language:** Python | **Key File:** `workspace-template/agents_md.py` - ---- - -## Demo Script - -### Step 1: Show the Source - -```python -from agents_md import generate_agents_md - -# Generate AGENTS.md from the workspace config -generate_agents_md(config_dir="/configs", output_path="/workspace/AGENTS.md") - -# Read what was generated -print(Path("/workspace/AGENTS.md").read_text()) -``` - -### Step 2: Show the Generated Output - -Running the above on a workspace with: - -```yaml -# config.yaml -name: Code Reviewer -role: Senior Code Reviewer -description: Reviews pull requests, flags security issues, suggests test coverage improvements. -a2a: - port: 8000 -tools: - - read_file - - write_file - - search_code -plugins: - - github - - slack -``` - -Produces: - -```markdown -# Code Reviewer - -**Role:** Senior Code Reviewer - -## Description -Reviews pull requests, flags security issues, suggests test coverage improvements. - -## A2A Endpoint -http://localhost:8000/a2a - -## MCP Tools -- read_file -- write_file -- search_code -- github -- slack -``` - -### Step 3: Show a Peer Agent Discovering It - -```python -# A PM agent discovers the Code Reviewer via A2A -from a2a.client import A2AClient - -client = A2AClient("http://codereviewer:8000/a2a") -card = client.discover() # Reads their AGENTS.md - -print(f"Discovered agent: {card.name} ({card.role})") -print(f"Available tools: {card.tools}") -``` - -Output: -``` -Discovered agent: Code Reviewer (Senior Code Reviewer) -Available tools: ['read_file', 'write_file', 'search_code', 'github', 'slack'] -``` - -**Narrative:** "No configuration files to maintain. No registry to update. Peer agents discover each other the same way humans discover each other — by reading each other's profiles." - ---- - -## Screencast Outline (~60s) - -| Time | Action | -|------|--------| -| 0–15s | Open `config.yaml` — show `role` field | -| 15–30s | Show `generate_agents_md()` call in `main.py` — "called at startup" | -| 30–45s | Run it — show the generated `AGENTS.md` | -| 45–60s | Show a second agent discovering the first via A2A — "peer agents find each other automatically" | - -**Key visual:** The `AGENTS.md` file appearing in the Canvas sidebar — visible, always current, no manual sync. - ---- - -## The AGENTS.md Standard - -This implements the [AAIF / Linux Foundation AGENTS.md standard](https://github.com/AI-Agents/AGENTS.md). Key properties: - -- **Self-describing** — agents publish their own identity, role, and tools -- **Startup-generated** — always current, no drift from config -- **A2A-native** — discovery happens over the A2A protocol, no external registry - ---- - -## Files - -- Demo script: `docs/marketing/devrel/demos/agents-md-autogen-demo.md` -- Source file: `workspace-template/agents_md.py` (PR #763) diff --git a/docs/marketing/devrel/demos/cloudflare-artifacts-demo.md b/docs/marketing/devrel/demos/cloudflare-artifacts-demo.md deleted file mode 100644 index 752e9e07..00000000 --- a/docs/marketing/devrel/demos/cloudflare-artifacts-demo.md +++ /dev/null @@ -1,119 +0,0 @@ -# Cloudflare Artifacts — Interactive Demo Script -**Issue:** #1173 | **Source:** PR #641 | **Acceptance:** Working demo + repo link + 1-min screencast - ---- - -## What This Demo Shows - -1. Provision a Cloudflare Artifacts Git repo for a workspace -2. Clone it, write a file, push a commit -3. Fork a branch, make a change, merge back - -**Time:** ~60 seconds | **Tools:** curl, git, Molecule AI Canvas | **Setup:** `CLOUDFLARE_API_TOKEN`, `CLOUDFLARE_ARTIFACTS_NAMESPACE` - ---- - -## Demo Script - -### Step 1: Create a Repo - -```bash -curl -s -X POST https://your-deployment.moleculesai.app/artifacts/repos \ - -H "Authorization: Bearer $ORG_API_KEY" \ - -H "Content-Type: application/json" \ - -d '{"name": "demo-workspace", "description": "Agent demo workspace"}' | jq . -``` - -Expected output: -```json -{ - "id": "repo_abc123", - "name": "demo-workspace", - "remote_url": "https://x:@hash.artifacts.cloudflare.net/git/repo-abc123.git", - "created_at": "2026-04-21T00:00:00Z" -} -``` - -**Narrative:** "Every Molecule AI workspace can now have its own versioned Git repo on Cloudflare's edge." - ---- - -### Step 2: Clone and Push a Snapshot - -```bash -# Clone the repo (TOKEN is embedded in the remote URL from Step 1) -git clone https://x:@hash.artifacts.cloudflare.net/git/repo-abc123.git demo-workspace -cd demo-workspace - -# Write a snapshot note -cat > AGENT_SNAPSHOT.md << 'EOF' -# Agent Run — 2026-04-21 - -Task: Refactored the auth module. 3 tests added, 1 bug fixed. -Status: Complete. Ready for reviewer agent. -EOF - -git add AGENT_SNAPSHOT.md -git commit -m "feat: agent run snapshot — auth module refactor" -git push origin main -``` - -**Narrative:** "The agent writes its work as a Git commit. Every run is versioned." - ---- - -### Step 3: Fork Before an Experiment - -```bash -# Fork the workspace — creates an isolated branch -curl -s -X POST https://your-deployment.moleculesai.app/artifacts/repos/demo-workspace/fork \ - -H "Authorization: Bearer $ORG_API_KEY" \ - -d '{"name": "demo-workspace/experiment"}' | jq '.repo.remote_url' -``` - -```bash -git clone https://x:@hash.artifacts.cloudflare.net/git/repo-abc123-fork.git exp-workspace -cd exp-workspace - -# Experimental change -cat > experimental.md << 'EOF' -# Experimental: New auth strategy -Testing a token-less approach using WorkOS session tokens. -EOF - -git add experimental.md -git commit -m "feat(experiment): token-less auth prototype" -git push origin main -``` - -**Narrative:** "Before a risky change, the agent forks — like a Git branch. If it fails, main stays clean." - ---- - -### Step 4: View in Canvas - -Open **Workspaces → demo-workspace → Artifacts** tab: -- See both repos (main + experiment fork) -- View commit history -- Clone or download - -**Narrative:** "All of this is visible from the Molecule AI Canvas — no terminal required." - ---- - -## Screencast Outline (~60s) - -| Time | Action | -|------|--------| -| 0–10s | Open Canvas → Workspaces → Artifacts tab | -| 10–25s | Run Step 1 curl → show repo created in UI | -| 25–45s | Show git clone + commit + push in terminal | -| 45–55s | Run fork step, show experiment branch in Canvas | -| 55–60s | Zoom commit history — "every agent run is a Git commit" | - ---- - -## Files - -- Demo script: `docs/marketing/devrel/demos/cloudflare-artifacts-demo.sh` -- Canvas screenshot: `docs/marketing/devrel/demos/cloudflare-artifacts-canvas.png` diff --git a/docs/marketing/devrel/demos/phase30-hero-video/phase30-hero-video-1x1.mp4 b/docs/marketing/devrel/demos/phase30-hero-video/phase30-hero-video-1x1.mp4 deleted file mode 100644 index f6fda641..00000000 Binary files a/docs/marketing/devrel/demos/phase30-hero-video/phase30-hero-video-1x1.mp4 and /dev/null differ diff --git a/docs/marketing/devrel/demos/phase30-hero-video/phase30-hero-video-9x16.mp4 b/docs/marketing/devrel/demos/phase30-hero-video/phase30-hero-video-9x16.mp4 deleted file mode 100644 index ba689467..00000000 Binary files a/docs/marketing/devrel/demos/phase30-hero-video/phase30-hero-video-9x16.mp4 and /dev/null differ diff --git a/docs/marketing/devrel/demos/phase30-hero-video/phase30-hero-video.mp4 b/docs/marketing/devrel/demos/phase30-hero-video/phase30-hero-video.mp4 deleted file mode 100644 index 48adb7b3..00000000 Binary files a/docs/marketing/devrel/demos/phase30-hero-video/phase30-hero-video.mp4 and /dev/null differ diff --git a/docs/marketing/discord-adapter-day2/announcement.md b/docs/marketing/discord-adapter-day2/announcement.md deleted file mode 100644 index a75db641..00000000 --- a/docs/marketing/discord-adapter-day2/announcement.md +++ /dev/null @@ -1,81 +0,0 @@ -# Discord Adapter Day 2 — Community Copy - -> Posted 2026-04-21. Discord adapter launched Day 1; Day 2 covers Reddit, Hacker News. -> Blog URL: https://moleculesai.app/blog/discord-adapter-launch -> PR: https://github.com/Molecule-AI/molecule-core/pull/656 - ---- - -## Reddit r/LocalLLaMA - -**Title:** Molecule AI now connects to Discord via a webhook — no bot account, no Gateway, no OAuth - -``` -Molecule AI workspaces can now send messages to Discord and receive slash commands using only a webhook URL. No Discord Developer Portal, no intents, no bot token — just an inbound webhook and your agent is in the channel. - -Built it as a proof-of-concept to keep our own team workflow on Discord without the overhead of a full bot app. Figured other people might want the same thing. - -The adapter uses Discord's built-in webhook delivery for outbound + slash command reception. No polling. No Gateway connection. Works behind NAT — the agent initiates all outbound connections to the platform, which proxies to Discord. - -Here's the architecture gist: -- Outbound: POST to Discord webhook URL (standard, no auth beyond the URL token) -- Inbound: Discord delivers slash command payloads to a platform endpoint; platform fans out to the relevant workspace via A2A -- No Discord bot app required. No Developer Portal setup. - -If your team lives in Discord and you want an AI agent that can post summaries, respond to /ask commands, and route alerts — it's now a webhook URL and a config line. - -Demo repo and docs: https://github.com/Molecule-AI/molecule-core/tree/main/docs/blog/2026-04-21-discord-adapter - -Happy to answer questions about the adapter design. -``` - -**Tags:** `discord`, `mcp`, `molecule-ai`, `webhook`, `ai-agents` - ---- - -## Reddit r/MachineLearning - -**Title:** Show HN: Molecule AI Discord adapter — AI agents in Discord via webhook, no bot account needed - -``` -Show HN: Molecule AI Discord adapter — webhook-only, no Gateway connection required - -HN: built a Discord integration for Molecule AI workspaces that requires zero bot app setup. It's just a webhook URL and an agent config. - -The problem: Discord bot integrations typically require a Developer Portal app, OAuth flow, Gateway connection management, intent configuration, and rate limit handling. That's a meaningful chunk of work before your agent can say hello. - -The approach: use Discord's native webhook delivery for inbound slash commands (no Gateway) and standard webhook POST for outbound messages. The platform acts as a proxy — Discord delivers to the platform endpoint, the platform routes to the relevant workspace via A2A. Works behind NAT since the agent initiates outbound connections. - -No bot token. No intents. No Gateway. - -Code: https://github.com/Molecule-AI/molecule-core/tree/main/docs/blog/2026-04-21-discord-adapter -Launch post: https://moleculesai.app/blog/discord-adapter-launch -``` - ---- - -## Hacker News - -**Title:** Molecule AI — Discord adapter via webhook (no bot account, no Gateway) - -**Body:** - -Built a Discord integration for Molecule AI workspaces that works with just a webhook URL — no Discord Developer Portal setup, no bot token, no Gateway connection. - -**Why** - -Our own team lives in Discord. We wanted a lightweight way to have an AI agent respond to slash commands and post updates without the overhead of a full bot app. Realized Discord's native webhook primitives cover both inbound (slash command delivery) and outbound (channel messages) if you proxy through a platform endpoint. - -**How it works** - -- Outbound: agent POSTs to a Discord webhook URL (standard, URL contains the auth token) -- Inbound: Discord delivers slash command payloads to a platform endpoint; platform fans out to the relevant workspace via A2A -- No bot account required. No Gateway. Works behind NAT — the agent only initiates outbound connections. - -The adapter lives in the MCP server (`mcp-server/src/tools/channels/discord.go`) alongside Telegram and other channel adapters. Each workspace configures its own Discord channel with a webhook URL. - -**Links** - -- Docs: https://moleculesai.app/blog/discord-adapter-launch -- Code + examples: https://github.com/Molecule-AI/molecule-core/tree/main/docs/blog/2026-04-21-discord-adapter -- PR: https://github.com/Molecule-AI/molecule-core/pull/656 diff --git a/docs/marketing/launches/pr-1080-waitlist-page.md b/docs/marketing/launches/pr-1080-waitlist-page.md deleted file mode 100644 index 69567581..00000000 --- a/docs/marketing/launches/pr-1080-waitlist-page.md +++ /dev/null @@ -1,59 +0,0 @@ -# Launch Brief: Waitlist Page with Contact Form -**PR:** [#1080](https://github.com/Molecule-AI/molecule-core/pull/1080) — `feat(canvas): /waitlist page with contact form` -**Merged:** 2026-04-20T16:47:35Z -**Owner:** PMM -**Status:** DRAFT - ---- - -## Problem - -Users whose email isn't on the beta allowlist hit a dead end after WorkOS auth redirect — no capture mechanism, no explanation, no next step. The loop wasn't closed on the unauthenticated user experience. - ---- - -## Solution - -A dedicated `/waitlist` page that captures waitlist interest with email + optional name + use-case. Soft dedup prevents spam. Privacy guard ensures client never auto-pre-fills email from URL params (regression test included). - ---- - -## 3 Core Claims - -1. **No more dead ends.** Email not on allowlist → friendly waitlist page with context, not a broken auth redirect. -2. **Capture + qualify.** Name + use-case fields let the team segment and prioritize inbound interest. -3. **Privacy by design.** Client-side privacy test ensures email is never auto-pre-filled from URL params — compliance-adjacent and trust-building. - ---- - -## Target Developer - -- Developers evaluating Molecule AI who hit the beta wall -- Indie devs and teams wanting early access -- PM/sales for waitlist segmentation - ---- - -## CTA - -"Join the waitlist → [form]" — Captures warm inbound interest for future GA outreach. - ---- - -## Positioning Alignment - -- Low-key feature, not a core positioning angle -- Secondary signal: demonstrates product care (privacy regression test = security-minded team) -- Useful as a "we're growing responsibly" proof point in growth metrics - ---- - -## Open Questions - -- Is this waitlist for self-hosted users, SaaS users, or both? -- Is there a CRM integration for the captured leads? -- Does this need a blog post or is it an infra/UX maintenance item? - ---- - -*Not high priority for launch brief promotion. Monitor for CRM workflow integration.* diff --git a/docs/marketing/launches/pr-1105-org-scoped-api-keys.md b/docs/marketing/launches/pr-1105-org-scoped-api-keys.md deleted file mode 100644 index 14f33234..00000000 --- a/docs/marketing/launches/pr-1105-org-scoped-api-keys.md +++ /dev/null @@ -1,64 +0,0 @@ -# Launch Brief: Org-Scoped API Keys -**PR:** [#1105](https://github.com/Molecule-AI/molecule-core/pull/1105) — `feat(auth): org-scoped API keys` -**Merged:** 2026-04-20 -**Owner:** PMM | **Status:** DRAFT — routing to Content Marketer - ---- - -## Problem - -Everyday development and integrations required full-admin tokens (`ADMIN_TOKEN`). There was no way to issue a token scoped to a specific org — you either got full access or nothing. For platform teams sharing tokens across tools, this was a silent security risk and a governance gap enterprise buyers flag in security reviews. - ---- - -## Solution - -User-minted full-admin tokens replace `ADMIN_TOKEN` for everyday use, with org-level scoping and a canvas UI tab for token management. Admins can now issue, rotate, and revoke tokens with the minimum required scope — org only, no global access. - ---- - -## 3 Core Claims - -1. **Scoped by default.** Org-level bearer tokens replace shared admin keys. Workspace A's token cannot hit Workspace B — enforced at the protocol level (Phase 30.1 auth model). -2. **Self-service token management.** Canvas UI tab lets admins issue, rotate, and revoke tokens without touching infra config. -3. **Enterprise procurement-ready.** Org scoping closes the gap that security reviewers flag in eval questionnaires — no more "one global key for everything." - ---- - -## Target Developer - -- **Indie devs / small teams** who want to rotate tokens without redeploying -- **Platform teams** integrating Molecule AI into multi-tenant tooling -- **Enterprise security reviewers** who require scoped auth before purchase - ---- - -## CTA - -"Replace your shared admin key. Issue org-scoped tokens from the canvas." → Docs link: TBD (confirm routing) - ---- - -## Coverage Decision (from Content Marketer, 2026-04-21) - -**No standalone blog post needed.** Folds into Phase 30 secure-by-design narrative. Social copy at `campaigns/org-api-keys-launch/social-copy.md` is the right level of coverage. - ---- - -## Positioning Alignment - -- Strengthens Phase 30.1 auth narrative (`X-Workspace-ID` + per-workspace tokens) -- Directly addresses the "governance" concern surfaced in enterprise positioning -- No competitor has a clear org-scoped token story — potential differentiation angle - ---- - -## Open Questions - -- [x] Does this need a dedicated blog post? → No (Content Marketer confirmed) -- [ ] Does the canvas UI tab have a public GA date? -- [ ] CTA doc link — confirm docs routing before publish - ---- - -*PMM — route social copy to Social Media Brand once canvas UI tab is GA.* diff --git a/docs/marketing/launches/pr-1531-instance-id-persistence.md b/docs/marketing/launches/pr-1531-instance-id-persistence.md deleted file mode 100644 index 169cb0c6..00000000 --- a/docs/marketing/launches/pr-1531-instance-id-persistence.md +++ /dev/null @@ -1,92 +0,0 @@ -# Positioning Brief: EC2 Instance ID Persistence -**PR:** [#1531](https://github.com/Molecule-AI/molecule-core/pull/1531) — `feat(workspace): persist CP-returned EC2 instance_id on provision` -**Merged:** 2026-04-22T01:40Z (~21h ago) -**Owner:** PMM | **Status:** DRAFT — pending Marketing Lead review - ---- - -## Situation - -Control Plane workspace provisioning (SaaS / Phase 30 infrastructure) runs on EC2. The CP returns an `instance_id` when a workspace is provisioned, but previously this was not stored — the platform couldn't distinguish a CP-provisioned workspace from a Docker workspace once running. - -PR #1531 persists the `instance_id` returned by the CP into the workspaces table, enabling downstream features that require knowing which EC2 instance backs a workspace. - ---- - -## Problem Statement - -Downstream features — notably browser-based terminal (EC2 Instance Connect SSH, PR #1533) and audit attribution — require a reliable `instance_id` field on the workspace record. Without it: -- Terminal tab can't determine which EC2 instance to connect to -- Audit log can't cross-reference workspace events with actual EC2 activity in CloudTrail -- Cost attribution by instance can't work reliably - -The CP already returns `instance_id`; the platform just wasn't storing it. - ---- - -## Core Claims - -### Claim 1: Platform now knows which EC2 instance backs each workspace - -The `instance_id` is stored at provision time and available on every subsequent workspace API response. This is a prerequisite for several Phase 30 features — not visible to end users directly, but enables the features that are. - -### Claim 2: Browser-based terminal is now possible for all CP-provisioned workspaces - -EICE (PR #1533) uses `instance_id` to initiate the SSH session. Without #1531, EICE can't know which instance to target. Together, #1531 + #1533 = SaaS users get a terminal tab with no SSH keys. - -### Claim 3: Audit trail is now attributable to specific EC2 instances - -Workspace-level CloudTrail events can now be correlated to the actual EC2 instance via `instance_id`. Compliance teams get more complete audit data. - ---- - -## Target Audience - -**Primary:** DevOps and platform engineers managing SaaS-provisioned workspaces. The `instance_id` is invisible to them unless they look at the API — but the features it enables (terminal, audit) are visible. - -**Secondary:** Enterprise security/compliance reviewers evaluating Molecule AI SaaS. `instance_id` persistence + CloudTrail attribution is a governance signal. - ---- - -## Positioning Alignment - -- **Phase 30 remote workspaces**: `instance_id` is prerequisite infrastructure for the SaaS-side remote workspace UX (terminal + audit) -- **Per-workspace auth tokens**: Platform-level resource identification supports token-scoped access decisions -- **Immutable audit trail**: `instance_id` cross-reference makes CloudTrail events attributable to specific workspaces - -This is a **prerequisite PR** — it ships the data layer for features in PR #1533 and future CP-provisioned workspace capabilities. Not a standalone launch. - ---- - -## Channel Coverage - -| Channel | Asset | Owner | Notes | -|---------|-------|-------|-------| -| Release notes | Mention in Phase 30 release notes | DevRel | Brief entry — "EC2 instance_id now stored on provision" | -| Phase 30 blog | Call out in remote workspaces blog | Content Marketer | One sentence — "CP-provisioned workspaces now store their EC2 instance ID" | -| No standalone blog or social | Not warranted — prerequisite PR | — | | - -**This is not a standalone campaign.** The value is in enabling other features. - ---- - -## Relationship to PR #1533 (EC2 Instance Connect SSH) - -PR #1531 + #1533 together deliver: SaaS workspace gets a browser-based terminal tab, no SSH keys required. - -- **PR #1531**: Store the `instance_id` (data layer) ✅ **this brief** -- **PR #1533**: Connect via EICE using `instance_id` (UX layer) — brief exists at `pr-1533-ec2-instance-connect-ssh.md` - -Route both to DevRel together. Content Marketer uses #1531 as one sentence in the EC2 Instance Connect SSH blog post. - ---- - -## Sign-off - -- [x] PMM positioning: approved -- [ ] Marketing Lead: pending -- [ ] DevRel: note in release notes + coordinate with #1533 - ---- - -*PMM — this PR is a prerequisite. Coordinate release note entry with #1533. Close when routed.* \ No newline at end of file diff --git a/docs/marketing/launches/pr-1533-ec2-instance-connect-ssh.md b/docs/marketing/launches/pr-1533-ec2-instance-connect-ssh.md deleted file mode 100644 index d4f94a45..00000000 --- a/docs/marketing/launches/pr-1533-ec2-instance-connect-ssh.md +++ /dev/null @@ -1,152 +0,0 @@ -# Positioning Brief: EC2 Instance Connect SSH -**PR:** [#1533](https://github.com/Molecule-AI/molecule-core/pull/1533) — `feat(terminal): remote path via aws ec2-instance-connect + pty` -**Merged:** 2026-04-22 -**Owner:** PMM | **Status:** APPROVED — routing to team - ---- - -## Situation - -When workspace provisioning moved from local Docker to the SaaS control plane (Fly Machines / EC2), a gap opened: Docker workspaces had a canvas terminal tab. SaaS-provisioned EC2 workspaces didn't — there was no path to exec into a cloud VM from the browser without a public IP, pre-configured SSH keys, or a bastion host. - -PR #1533 closes that gap using **EC2 Instance Connect Endpoint (EICE)** — a purpose-built AWS service for IAM-authenticated, key-free SSH access to instances, including those in private subnets. - ---- - -## Problem Statement - -Getting a terminal into a SaaS-provisioned EC2 workspace requires infrastructure that most users don't have set up. The options available before this PR: - -| Option | What's needed | Works for agents? | -|--------|---------------|---------------------| -| Direct SSH | Public IP + keypair + key distribution | No — no public IP on private-subnet EC2s | -| Bastion host | Separate EC2 + SSH config + key for bastion | No — extra infra, adds attack surface | -| SSM Session Manager | SSM agent installed + IAM profile + session document | Partially — requires pre-config per instance | -| EC2 Instance Connect CLI | `aws ec2-instance-connect ssh` — but must be run from a machine with the right IAM | Designed for humans, not agent runtimes | - -For an agent runtime that spins up workspaces dynamically, none of these are acceptable. EC2 Instance Connect via EICE is the right fit: it requires only IAM permissions and a VPC Endpoint (already available in the SaaS VPC), and the session is initiated server-side by the platform — not by the agent's laptop. - ---- - -## Solution - -CP-provisioned workspaces (those with an `instance_id` in the workspaces table) get a terminal tab in the canvas automatically. The platform handles the EICE handshake and proxies the PTY over the WebSocket — the user sees a fully interactive terminal with no configuration required. - -``` -User opens terminal tab in canvas - → platform checks workspace.instance_id - → instance_id found → spawn aws ec2-instance-connect ssh --connection-type eice - → PTY bridged to canvas WebSocket - → user gets interactive shell in < 3 seconds -``` - ---- - -## Core Claims - -### Claim 1: No SSH keys, no bastion, no public IP - -EC2 Instance Connect pushes a temporary RSA key to the instance metadata via the AWS API, valid for 60 seconds. The session uses that key — no pre-shared key on disk, no key rotation to manage, no key distribution to instances. The platform initiates the connection; users never touch an SSH key. - -### Claim 2: Private subnet instances work out of the box - -EICE (EC2 Instance Connect Endpoint) routes the connection through AWS's internal network — no internet egress, no public IP, no ingress security group rules. The only requirement is a VPC Endpoint for EC2 Instance Connect in the same VPC as the target instance. The SaaS VPC already has this. - -### Claim 3: Zero per-user configuration - -The terminal tab appears for every CP-provisioned workspace automatically. No IAM role setup by the user, no SSM configuration, no bastion. The platform's IAM credentials (the same ones used to provision the instance) are used for EICE — the user doesn't need to know anything about AWS IAM policies to get a shell. - ---- - -## Target Audience - -**Primary:** DevOps and platform engineers managing SaaS-provisioned workspaces on EC2. They want browser-based terminal access without SSH key overhead. They likely already have IAM roles set up for their AWS environment and will recognise EICE as the right primitive. - -**Secondary:** Enterprise security reviewers evaluating Molecule AI's SaaS offering. The ability to connect to cloud VMs via IAM — not shared SSH keys — is a meaningful signal. It aligns with the enterprise governance narrative and per-workspace auth token story. - -**Not the audience:** Self-hosted users (Docker workspaces already have terminal via `docker exec`). The value proposition is SaaS/Control Plane-specific. - ---- - -## Competitive Angle - -EC2 Instance Connect integration for browser-based terminal access is not documented for any competitor: - -- **LangGraph**: No terminal integration. Users who want shell access to provisioned resources must SSH manually or use SSM Session Manager via the AWS CLI. -- **CrewAI**: No cloud VM terminal story. Enterprise tier has SaaS management UI, but no browser-based shell access. -- **AutoGen (Microsoft)**: No EC2 integration documented. Relies on user-managed infrastructure. -- **Custom/self-rolled agent platforms**: Must implement EICE or SSM themselves. Molecule AI ships it as a product feature. - -This is an uncontested claim for the AWS-aligned segment. It belongs in press briefings and analyst conversations as a concrete example of the SaaS control plane doing work users would otherwise have to do themselves. - ---- - -## Messaging Tier - -**Feature tier: Enhancement** (not a standalone product launch) - -EC2 Instance Connect SSH is a meaningful UX improvement to the SaaS workspace experience. It belongs in: -- Phase 30 remote workspaces narrative as "SaaS terminal access" -- SaaS onboarding copy ("your EC2 workspace has a terminal tab — no SSH keys needed") -- Release notes (not a press release) - -**Do not frame as:** -- A new standalone product -- A replacement for local Docker terminal -- A competitor-specific feature (lead with the benefit, not the AWS integration) - ---- - -## Taglines - -Primary: *"Your SaaS workspace has a terminal tab. No SSH keys required."* - -Secondary: *"Connect to any EC2 workspace from the canvas — IAM-authorized, no bastion, no public IP."* - -Fallback (technical): *"CP-provisioned workspaces get browser-based terminal via AWS EC2 Instance Connect Endpoint. No keypair on disk. No bastion. No configuration."* - ---- - -## Channel Coverage - -| Channel | Asset | Owner | Status | -|---------|-------|-------|--------| -| Blog post | "How to access your EC2 workspace terminal from the canvas" | Content Marketer | Blocked: needs DevRel code demo first (#1545) | -| Social launch thread | 5 posts: problem → solution → claim 1 → claim 2 → CTA | Social Media Brand | ✅ APPROVED — copy at `docs/marketing/social/2026-04-22-ec2-instance-connect-ssh/social-copy.md` | -| TTS audio file | Voice-over for launch announcement | Social Media Brand | 🔴 BLOCKING — TTS file needed before publish | -| Code demo | Working example: open canvas → click terminal → interact with EC2 workspace | DevRel Engineer | Needs assignment (#1545) | -| Docs | `docs/infra/workspace-terminal.md` | DevRel Engineer | ✅ Shipped in PR #1533 | - -**Coverage decision:** Blog post + social thread. Not a standalone campaign. Frame as "SaaS workspace terminal" within the Phase 30 remote workspaces narrative. - ---- - -## Positioning Alignment - -- **Phase 30 remote workspaces**: EICE terminal completes the remote workspace UX — agents register, accept tasks, and now also have a terminal, all without leaving the canvas -- **Per-workspace auth tokens**: The same IAM-scoped credentials that authorize A2A also authorize EICE — the platform manages the credential lifecycle, not the user -- **Enterprise governance**: No SSH keys means no orphaned keys in AWS IAM. Connection authorization via IAM is auditable in CloudTrail. This is a governance argument as much as a UX argument. - ---- - -## Open Questions - -- [x] Does the terminal UI expose EC2 Instance Connect as a distinct connection type? → No — seamless; the platform handles it transparently -- [x] Is there a docs page? → Yes: `docs/infra/workspace-terminal.md` (shipped in PR #1533) -- [x] Social Media Brand: confirm launch thread length (5 posts recommended) -- [ ] Confirm EICE VPC Endpoint is present in the SaaS production VPC (DevOps/ops check) -- [x] Social copy status → APPROVED (social-copy.md on staging, 2026-04-22) -- [ ] 🔴 TTS audio file: Social Media Brand needs TTS generation before publish - ---- - -## Sign-off - -- [x] PMM positioning: approved -- [ ] Marketing Lead: pending -- [ ] DevRel: needs assignment (#1545) -- [ ] Content Marketer: blocked on DevRel code demo - ---- - -*PMM — routing to DevRel (#1545 code demo) → Content Marketer (#1546 blog) → Social Media Brand (#1547 launch thread). Close when all routed.* \ No newline at end of file diff --git a/docs/marketing/social/2026-04-21/social-queue.md b/docs/marketing/social/2026-04-21/social-queue.md deleted file mode 100644 index 6480c930..00000000 --- a/docs/marketing/social/2026-04-21/social-queue.md +++ /dev/null @@ -1,117 +0,0 @@ -# Chrome DevTools MCP — Social Copy -**Source:** PR #1306 merged to origin/main (2026-04-21) -**Status:** MERGED — awaiting Marketing Lead approval for publishing - ---- - -## X (140–280 chars) - -### Version A — Governance angle -``` -Chrome DevTools MCP gives agents full browser control. Screenshot, DOM, JS execution — all through a standard interface. - -Raw CDP is all-or-nothing. Molecule AI adds the governance layer: which agents get access, what they can do, how to revoke it. - -Audit trail included. -``` - -### Version B — Production use cases -``` -Three things you couldn't automate before Chrome DevTools MCP + Molecule AI governance: - -1. Lighthouse CI/CD audits — agent opens Chrome, runs Lighthouse, posts score to PR -2. Visual regression testing — screenshot diffs across agent workflow runs -3. Authenticated session scraping — agent behind a login with managed cookies - -All with org API key audit trail. -``` - -### Version C — Problem framing -``` -Chrome DevTools MCP: browser automation as a first-class MCP tool. - -For prototypes: great. For production: you need something between no browser and full admin. That's the gap Molecule AI's MCP governance fills. -``` - ---- - -## LinkedIn (100–200 words) - -Chrome DevTools MCP shipped in early 2026 — and browser automation is now a standard tool for any compatible AI agent. - -Screenshot. DOM inspection. Network interception. JavaScript execution. No custom wrappers, no browser-driver installation. - -That's the prototype story. For production — especially anything touching customer-facing workflows or authenticated sessions — all-or-nothing CDP access is a governance gap. - -Molecule AI's MCP governance layer answers the production questions: -- Which agents can open a browser? -- What can they do with it? -- How do you revoke access? -- When something goes wrong, who accessed what session data? - -Real-world use cases the layer enables: automated Lighthouse performance audits in CI/CD, screenshot-based visual regression testing, and authenticated session scraping — agents operating behind a login with cookies managed through the platform's secrets system. - -Every action is logged. Every browser operation is attributed to an org API key and workspace ID. - -Chrome DevTools MCP plus Molecule AI's governance layer: browser automation that meets production standards. - ---- - -## Image suggestions - -| Post | Image | -|---|---| -| X Version A | Fleet diagram: `marketing/assets/phase30-fleet-diagram.png` (reusable) | -| X Version B | Custom: 3-item checklist graphic — "Lighthouse / Regression / Auth Scraping" | -| X Version C | Quote card: "something between no browser and full admin" | -| LinkedIn | Quote card or the checklist graphic | - ---- - -## Hashtags - -`#MCP` `#BrowserAutomation` `#AIAgents` `#MoleculeAI` `#DevOps` `#QA` `#CI/CD` - ---- - -## Blog canonical URL - -`docs.moleculesai.app/blog/browser-automation-ai-agents-mcp` - ---- - -## MCP Server List Explainer -**File:** `docs/marketing/campaigns/mcp-server-list/social-copy.md` (staging, commit `0d3ad96`) -**Status:** COPY READY — awaiting visual assets + X credentials -**Canonical URL:** `docs.molecule.ai/blog/mcp-server-list` -**Owner:** Social Media Brand | **Day:** Ready once visual assets done - -5-post X thread + LinkedIn post. Full copy on staging. - ---- - -## Discord Adapter Day 2 -**File:** `discord-adapter-social-copy.md` (local) -**Status:** COPY READY — awaiting visual assets + X credentials -**Canonical URL:** `docs.molecule.ai/blog/discord-adapter` (live, PR #1301 merged) -**Owner:** Social Media Brand | **Day:** Ready once visual assets done - -See `discord-adapter-social-copy.md` for full copy (4 X variants + LinkedIn draft). - ---- - -## Fly.io Deploy Anywhere (T+3 catch-up) -**Source:** Blog live 2026-04-17 | Social delayed 5 days -**File:** `fly-deploy-anywhere-social-copy.md` (local) -**Status:** COPY READY — PMM executing Option A (retrospective catch-up). Awaiting X credentials. -**Canonical URL:** `moleculesai.app/blog/deploy-anywhere` -**Owner:** Social Media Brand | **Day:** Queue immediately after Chrome DevTools MCP Day 1 posts -**Decision:** PMM chose Option A per decision brief. Frame: "we shipped this last week." - -Retrospective framing: "Week in review: we shipped Fly.io Deploy Anywhere last week. Here's what it means for your agent infrastructure." - -Social Media Brand: hold Fly.io post until Chrome DevTools MCP Day 1 posts land, then queue Fly.io in the same session. - ---- - -## EC2 Instance Connect SSH (PR #1533) diff --git a/docs/marketing/social/2026-04-22-ec2-instance-connect-ssh/social-copy.md b/docs/marketing/social/2026-04-22-ec2-instance-connect-ssh/social-copy.md deleted file mode 100644 index 48b27906..00000000 --- a/docs/marketing/social/2026-04-22-ec2-instance-connect-ssh/social-copy.md +++ /dev/null @@ -1,148 +0,0 @@ -# EC2 Instance Connect SSH — Social Copy -Campaign: ec2-instance-connect-ssh | PR: molecule-core#1533 -Publish day: 2026-04-22 (today) -Assets: `marketing/devrel/campaigns/ec2-instance-connect-ssh/assets/` -Status: Draft — pending Marketing Lead approval + credential availability - ---- - -## X (Twitter) — Primary thread (5 posts) - -### Post 1 — Hook - -> Your AI agent has a workspace on an EC2 instance. -> -> How do you get a shell inside it right now? -> -> Old answer: copy the IP, find the key, `ssh -i key.pem ec2-user@X.X.X.X`, hope your -> security group is right. -> -> New answer: click Terminal in Canvas. -> -> Molecule AI now speaks AWS EC2 Instance Connect. - ---- - -### Post 2 — The problem it solves - -> SSH into a cloud agent workspace sounds simple. -> -> It's not. -> -> → Instance IP changes on restart -> → Key management across your whole agent fleet -> → Security group rules you have to get right every time -> → No audit trail on who SSH'd in and when -> -> EC2 Instance Connect handles all of it. Molecule AI wires it up so -> your agent workspace is one Terminal tab away. - ---- - -### Post 3 — How it works - -> Molecule AI + EC2 Instance Connect: -> -> → Workspace provisioned in your VPC, instance_id stored -> → Click Terminal tab in Canvas → WebSocket opens -> → Platform calls `aws ec2-instance-connect ssh` under the hood -> → EIC Endpoint opens a tunnel, STS pushes a temporary key -> → PTY bridges directly to the Canvas terminal -> -> No keys to manage. No IP to find. No security group dance. -> One click. - ---- - -### Post 4 — Security angle - -> Every SSH access to a cloud agent workspace should be attributable. -> -> With EC2 Instance Connect: -> -> → IAM policy gates access (condition: `Role=workspace` tag) -> → STS temporary key, auto-expires -> → EIC audit log shows which principal requested the tunnel -> → No long-lived SSH keys anywhere -> -> Your security team will appreciate this. - ---- - -### Post 5 — CTA - -> EC2 Instance Connect SSH is live in Molecule AI (PR #1533). -> -> Provision a CP-managed workspace → open the Terminal tab → you're in. -> -> If you're still `ssh -i key.pem` into your agent fleet — there's a better way. -> -> [CTA: docs.molecule.ai/infra/workspace-terminal — pending docs publish] -> #AgenticAI #MoleculeAI #AWS #DevOps #PlatformEngineering - ---- - -## LinkedIn — Single post - -**Title:** We gave AI agents their own terminal tab — powered by AWS EC2 Instance Connect - -**Body:** - -Getting a shell inside a cloud-hosted AI agent used to mean: find the instance IP, locate the SSH key, configure the security group, run `ssh`, hope nothing broke. - -That's now one click inside Molecule AI. - -We shipped EC2 Instance Connect SSH integration (PR #1533). Here's what changed: - -**The old flow:** -Copy the EC2 IP → find the SSH key → configure the security group to allow port 22 → `ssh -i key.pem ec2-user@X.X.X.X` → verify you're connected - -**The new flow:** -Provision a workspace in Canvas → click Terminal → you have a bash prompt - -What makes this possible is AWS EC2 Instance Connect. The platform stores the `instance_id` from provisioning, calls `aws ec2-instance-connect ssh --connection-type eice` on your behalf, and the EIC Endpoint opens a tunnel with an STS-pushed temporary key. The PTY bridges straight into the Canvas Terminal tab. - -Why this matters beyond convenience: - -→ No long-lived SSH keys to manage or rotate -→ IAM policy controls access (condition on `aws:ResourceTag/Role=workspace`) -→ EIC audit log gives you provenance on every tunnel open event -→ Temporary keys auto-expire - -Your agent workspaces are now as easy to access as your browser tab — with better audit trails than a manually managed SSH key rotation process. - -EC2 Instance Connect SSH is live now for all CP-provisioned workspaces. - ---- - -## Visual Asset Specifications - -1. **Terminal demo GIF** — Canvas Terminal tab showing bash prompt inside an EC2 workspace: - - Canvas UI with a workspace node selected - - Terminal tab open, showing `ec2-user@ip-10-0-x-x:~$` prompt - - Optional: running `whoami` or `hostname` to show EC2 context - - Format: GIF or looping MP4, max 10s - - Dark theme, molecule navy background - -2. **Architecture diagram** (optional for LI): - - Canvas (browser) → WebSocket → Platform (Go) → `aws ec2-instance-connect ssh` → EIC Endpoint → EC2 Instance - - Shows the tunnel path for audience who wants to understand the mechanism - ---- - -## Campaign notes - -**Audience:** DevOps, platform engineers, ML infrastructure teams running agents in AWS -**Tone:** Practical — the IAM/audit story is the differentiator for security-conscious buyers; the "one click" story is the differentiator for developer audience -**Differentiation:** No manual SSH key management vs. traditional bastion host approach -**Hashtags:** #AgenticAI #MoleculeAI #AWS #EC2InstanceConnect #PlatformEngineering #DevOps -**CTA links:** docs pending (workspace-terminal.md docs need to be published) - ---- - -## Self-review applied - -- No timeline claims ("today", "just shipped", etc.) beyond what's confirmed in PR state -- No person names -- No benchmarks or performance claims -- CTA links marked as pending until docs confirm live \ No newline at end of file diff --git a/docs/marketing/social/2026-04-24-ec2-console-output/social-copy.md b/docs/marketing/social/2026-04-24-ec2-console-output/social-copy.md deleted file mode 100644 index 9a7c9e01..00000000 --- a/docs/marketing/social/2026-04-24-ec2-console-output/social-copy.md +++ /dev/null @@ -1,83 +0,0 @@ -# EC2 Console Output — Social Copy -Campaign: EC2 Console Output | Source: PR #1178 -Publish day: 2026-04-24 (Day 4) -Status: ✅ APPROVED — Marketing Lead 2026-04-22 (PM confirmed) -Assets: `ec2-console-output-canvas.png` (1200×800, dark mode) - ---- - -## X (Twitter) — Primary thread (4 posts) - -### Post 1 — Hook -Your workspace failed. -You already know that. -What you don't know is *why* — and right now that means switching to the AWS Console, finding the instance, pulling the console output, and switching back. - -That's about to get better. - ---- - -### Post 2 — The old workflow -Before this fix: -Click failed workspace → tab switch → AWS Console → log in → find instance → Actions → Get system log. - -You're in the right place. You have the output. But you're also outside Canvas — you've lost the context of what the agent was doing, which workspace it was, and what the last_sample_error said. - -Still doable. Still a minute of your time. Still a context switch. - ---- - -### Post 3 — The new workflow -After PR #1178: -Click failed workspace → EC2 Console tab → full instance boot log, colorized by level, directly in Canvas. - -Same output as AWS Console. Same detail. No tab switch. No context loss. - -Thirty seconds to root cause, if that. - ---- - -### Post 4 — CTA -EC2 Console Output is now in Canvas — no AWS Console required. - -Works for any workspace: local Docker, remote EC2, on-prem VM. -If Molecule AI manages the instance, the console log is one click away. - -→ [See how it works](https://docs.molecule.ai/docs/guides/remote-workspaces) - ---- - -## LinkedIn — Single post - -**Title:** The fastest way to debug a failed AI agent workspace - -When an AI agent workspace fails in production, the debugging question is always the same: what happened on the instance? - -Before this week, the answer required leaving the canvas. Log into AWS. Find the instance. Pull the system log. Cross-reference with the workspace ID. Piece together what the agent was doing. - -That workflow just changed. - -Molecule AI now surfaces EC2 Console Output directly in the Canvas workspace detail panel. Full instance boot log, colorized by log level — INFO, WARN, ERROR — without leaving your workflow. - -The practical difference: root cause in thirty seconds instead of three minutes. No tab switch. No losing the workspace context you were already looking at. - -Works for any workspace Molecule AI manages: local Docker, remote EC2, on-prem VM. The console output is there when you need it. - -EC2 Console Output ships with Phase 30. - -→ [Read the docs](https://docs.molecule.ai/docs/guides/remote-workspaces) -→ [Molecule AI on GitHub](https://github.com/Molecule-AI/molecule-core) - -#AIagents #DevOps #AWs #CloudComputing #MoleculeAI - ---- - -## Campaign notes - -**Audience:** Platform engineers, DevOps, MLOps (X + LinkedIn) -**Tone:** Operational. Concrete. Shows the workflow, not the feature announcement. -**Differentiation:** EC2 Console Output in Canvas is a canvas/workspace UX differentiator — directly in the operator's workflow, not in a separate AWS tab. -**CTA:** /docs/guides/remote-workspaces — ties back to Phase 30 Remote Workspaces -**Coordinate with:** Day 4 of Phase 30 social campaign. Post after Discord Adapter (Day 2) and Org API Keys (Day 3). - -*Draft by Marketing Lead 2026-04-21 — based on PR #1178 + EC2 Console demo storyboard* diff --git a/docs/marketing/social/2026-04-25-org-scoped-api-keys/social-copy.md b/docs/marketing/social/2026-04-25-org-scoped-api-keys/social-copy.md deleted file mode 100644 index 9ec62bf2..00000000 --- a/docs/marketing/social/2026-04-25-org-scoped-api-keys/social-copy.md +++ /dev/null @@ -1,156 +0,0 @@ -# Org-Scoped API Keys — Social Copy -Campaign: org-scoped-api-keys | Source: PR #1105 -Publish day: 2026-04-25 (Day 5) -Status: ✅ Approved by Marketing Lead — 2026-04-21 - ---- - -## Feature summary (source: PR #1105) -- Org-scoped API keys: named, revocable, audited credentials replacing the shared ADMIN_TOKEN -- Mint from Canvas UI or `POST /org/tokens` -- sha256 hash stored server-side, plaintext shown once on creation -- Prefix visible in every audit log line -- Immediate revocation — next request, key is dead -- Works across all workspaces AND workspace sub-routes -- Scoped roles (read-only, workspace-write) on the roadmap - -**Angle:** "Your AI agent now has its own org-admin identity — named, revokable, audited. No more shared ADMIN_TOKEN." - ---- - -## X (Twitter) — Primary thread (5 posts) - -### Post 1 — Hook -You have 20 agents running in production. - -One of them is making calls you can't trace. - -That's not a hypothetical. That's what happens when you scale past -"one ADMIN_TOKEN works fine" — and it usually happens the week before -a compliance review. - -Molecule AI org-scoped API keys: named, revocable, audit-attributable -credentials for every integration. - -→ [blog post link] - ---- - -### Post 2 — Problem framing -ADMIN_TOKEN works great — until it doesn't. - -→ Can't rotate without downtime (10 agents use it simultaneously) -→ Can't attribute which integration made a call (no prefix in logs) -→ Can't revoke just one (one compromised token compromises everything) - -Org-scoped API keys fix all three. - -→ [blog post link] - ---- - -### Post 3 — How it works (the product) -Molecule AI org API keys: - -→ Mint via Canvas UI or POST /org/tokens -→ sha256 hash stored server-side, plaintext shown once -→ Prefix visible in every audit log line -→ Immediate revocation — next request, key is dead -→ Works across all workspaces AND workspace sub-routes - -Rotate without downtime. Attribute every call. Revoke instantly. - -→ [blog post link] - ---- - -### Post 4 — Compliance angle -"We need to know which integration called that API endpoint." - -Org-scoped API keys: every call tagged with the key's display prefix -in the audit log. Full provenance in `created_by` — which admin minted -the key, when, what it's been calling. - -That's the answer your compliance team needs. - -→ [blog post link] - ---- - -### Post 5 — CTA -Org-scoped API keys are live on all Molecule AI deployments. - -If you're running multi-agent infrastructure and still using a single -ADMIN_TOKEN — fix that. - -→ [org API keys docs link] - ---- - -## LinkedIn — Single post - -**Title:** One ADMIN_TOKEN across your whole agent fleet is a compliance risk, not a convenience - -**Body:** - -At two agents, one ADMIN_TOKEN feels fine. - -At twenty agents, it's a single point of failure that you can't rotate, -can't audit, and can't compartmentalize. - -Molecule AI's org-scoped API keys change the model: - -→ One credential per integration — "ci-deploy-bot", "devops-rev-proxy", - not "the ADMIN_TOKEN" - -→ Every API call tagged with the key's prefix in your audit logs - -→ Instant revocation — one key compromised, one key revoked, - zero downtime for other integrations - -→ `created_by` provenance on every key — which admin created it, - when, and what it can reach - -The keys work across every workspace in your org — including workspace -sub-routes, not just admin endpoints. - -This is the credential model that makes multi-agent infrastructure -defensible at scale. - -Org-scoped API keys are available now on all Molecule AI deployments. - -→ [org API keys docs link] - -UTM: `?utm_source=linkedin&utm_medium=social&utm_campaign=org-scoped-api-keys` - ---- - -## Visual Asset Requirements - -1. **Canvas UI screenshot** — Org API Keys tab showing key list - (name, prefix, created date, last used) -2. **Before/after credential model** — "ADMIN_TOKEN (single, shared, - un-auditable)" vs "Org-scoped API keys (one per integration, - named, revocable, attributed)" -3. **Audit log terminal output** — key prefix, workspace ID, timestamp - in every line - ---- - -## Campaign Notes - -- **Publish day:** 2026-04-25 (Day 5) -- **Hashtags:** #AgenticAI #MoleculeAI #DevOps #PlatformEngineering -- **X platform tone:** Lead with attribution — "which agent made that call?" - resonates with developer/DevOps audience -- **LinkedIn platform tone:** Lead with compliance/risk — "one ADMIN_TOKEN - is a single point of failure" resonates with enterprise audience -- **Key naming examples:** `ci-deploy-bot`, `devops-rev-proxy` — concrete, - relatable for target audience -- **Self-review applied:** no timeline claims, no person names, no benchmarks -- **CTA links:** org API keys docs page — pending live URL - ---- - -*Source: Molecule-AI/internal `marketing/devrel/social/gh-issue-pr1105-org-api-keys-launch.md`* -*Status: ✅ Approved by Marketing Lead 2026-04-21 — ready for Social Media Brand to publish once credentials are provisioned — Marketing Lead approval required before publish* diff --git a/docs/marketing/social/discord-adapter-social-copy.md b/docs/marketing/social/discord-adapter-social-copy.md deleted file mode 100644 index 65fd926c..00000000 --- a/docs/marketing/social/discord-adapter-social-copy.md +++ /dev/null @@ -1,145 +0,0 @@ -# Discord Adapter — Social Copy -**Feature:** Discord channel adapter (inbound via Interactions webhook, outbound via Incoming Webhooks) -**Campaign:** Discord Adapter | **Docs:** `docs/agent-runtime/social-channels.md` (Discord Setup section) -**Canonical URL:** `github.com/Molecule-AI/molecule-core/blob/main/docs/agent-runtime/social-channels.md` (moleculesai.app TBD — outage confirmed) -**Status:** APPROVED (PMM proxy — Marketing Lead offline) | Reddit/HN copy ADDED by PMM -**Owner:** PMM → Social Media Brand | **Day:** Ready to post once X credentials are restored - ---- - -## X (140–280 chars) - -### Version A — Slash commands for agents -``` -Your Discord community just got an agent layer. - -Connect a Molecule AI workspace to any Discord channel. Members query your agents via slash commands — no bot token setup for outbound. - -Governance included. Audit trail included. -``` - -### Version B — Multi-channel agent access -``` -Your AI agents can already handle Telegram, email, and Slack. -Now add Discord — without changing how agents work. - -Slash commands → agent workspace → response to any channel. -One protocol. Any channel. Molecule AI's channel adapter. -``` - -### Version C — Developer angle -``` -Setting up an AI agent in Discord used to mean: create app, configure intents, handle events. - -Molecule AI's Discord adapter: paste a webhook URL. Done. - -Inbound via Interactions. Outbound via Incoming Webhook. Zero bot token management. -``` - -### Version D — Platform angle -``` -Discord communities can now talk to your agent fleet. - -Molecule AI's channel adapter: one workspace, any social platform. Telegram, Slack, Discord — all the same agent underneath. - -Your agents. Your channels. One canvas. -``` - ---- - -## LinkedIn (100–200 words) - -``` -Connecting your AI agent fleet to Discord just got simpler — and more powerful. - -Molecule AI's Discord adapter ships today. Here's what that means in practice: - -Outbound messages: paste an Incoming Webhook URL. That's it. No Discord bot app, no OAuth token, no intent configuration — just a webhook URL and your agent is live in any channel. - -Inbound: slash commands and message components arrive as signed Interactions payloads. The adapter parses them, forwards them to the workspace agent, and routes the response back to Discord. - -Your Discord community gets access to the same agent capabilities as your Telegram users, your Slack channels, and your Canvas — without duplicating the agent logic or managing separate bot tokens. - -One protocol. Any channel. Molecule AI's channel adapter layer makes social platforms first-class citizen channels for your agent fleet. -``` - ---- - -## Image suggestions - -| Post | Image | Source | -|---|---|---| -| X Version A | Slash command dropdown screenshot — `/agent` in Discord | Custom: Discord UI screenshot | -| X Version B | Multi-channel diagram: Telegram + Slack + Discord → same workspace agent | Custom: platform diagram | -| X Version C | Before/after: complex bot setup vs "paste webhook URL" | Custom: simple comparison card | -| X Version D | Canvas Channels tab with Discord connected | Custom: Canvas screenshot | -| LinkedIn | Multi-platform diagram | Custom | - ---- - -## Hashtags - -`#MoleculeAI` `#Discord` `#AIAgents` `#MCP` `#SocialChannels` `#MultiChannel` `#AgentPlatform` `#DevOps` - ---- - -## CTA - -`moleculesai.app/docs/agent-runtime/social-channels` - ---- - -## Campaign timing - -Ready to post once: -1. X consumer credentials (`X_API_KEY` + `X_API_SECRET`) are restored to Social Media Brand workspace — blocking all posts -2. Discord Adapter Day 2 copy is approved by Marketing Lead (coordinate with Social Media Brand) - ---- - -*PMM drafted 2026-04-22 — no prior social copy file found for Discord adapter* -*Positioning note: Discord adapter is outbound-primary (no separate bot token for outbound); inbound via Interactions webhook — leverage this simplicity in copy* - ---- - -## Reddit Post (r/LocalLLaMA or r/MachineLearning) -``` -Molecule AI just shipped a Discord adapter for AI agent fleets. - -The setup: paste a webhook URL. That's it — no Discord bot app, no OAuth token, no intent configuration. - -Inbound: slash commands and message components arrive as signed Interactions payloads. The adapter parses them, forwards to your workspace agent, routes the response back to Discord. - -Outbound: same incoming webhook, no separate bot token needed. - -One workspace. Any channel. Your Telegram, Slack, and Discord users all hit the same agent underneath — no duplicated logic, no separate bot tokens per platform. - -GitHub: github.com/Molecule-AI/molecule-core -Docs: github.com/Molecule-AI/molecule-core/blob/main/docs/agent-runtime/social-channels.md -``` - ---- - -## Hacker News — Show HN -``` -Show HN: Molecule AI Discord adapter — webhook URL setup, zero bot token management - -Molecule AI shipped a Discord channel adapter for AI agent fleets. - -The problem it solves: connecting Discord to an AI agent fleet usually means creating a Discord app, configuring intents, handling events, managing token rotation. The agent logic isn't the hard part — the integration is. - -What we built: a Discord adapter that uses Discord's Interactions webhooks for inbound and Incoming Webhooks for outbound. No Discord bot app required. No OAuth token. No intent configuration. - -Setup: paste an Incoming Webhook URL. Done. - -Inbound: slash commands and message components arrive as signed Interactions payloads. The adapter parses them, forwards to your workspace agent, routes the response back to the channel. - -Outbound: same incoming webhook. No separate bot token for outbound messages. - -What this means in practice: your Discord community gets access to the same agent capabilities as your Telegram users, your Slack channels, and your Canvas — without duplicating the agent logic or managing separate bot tokens per platform. - -Under 100 lines to add Discord to an existing Molecule AI workspace. Full source in the linked repo. - -GitHub: github.com/Molecule-AI/molecule-core -Docs: github.com/Molecule-AI/molecule-core/blob/main/docs/agent-runtime/social-channels.md -``` \ No newline at end of file diff --git a/docs/marketing/social/ec2-instance-connect-ssh-social-copy.md b/docs/marketing/social/ec2-instance-connect-ssh-social-copy.md deleted file mode 100644 index eea1d1b4..00000000 --- a/docs/marketing/social/ec2-instance-connect-ssh-social-copy.md +++ /dev/null @@ -1,132 +0,0 @@ -# EC2 Instance Connect SSH — Social Copy -**Feature:** PR #1533 — `feat(terminal): remote path via aws ec2-instance-connect + pty` -**Campaign:** EC2 Instance Connect SSH | **Blog:** `docs/infra/workspace-terminal.md` (shipped in PR #1533) -**Canonical URL:** `moleculesai.app/docs/infra/workspace-terminal` -**Status:** APPROVED — unblocked for Social Media Brand -**Owner:** PMM → Social Media Brand | **Day:** Blocked on DevRel code demo (#1545) + Content Marketer blog (#1546) -**Positioning approved by:** PMM (GH issue #1637) - ---- - -## Headline Angle: "No SSH keys, no bastion, no public IP" -**Primary security differentiator:** Ephemeral keys (60-second RSA key lifespan via AWS API — no persistent key on disk, no rotation, no orphaned credential risk) - -Secondary angle: Zero key rot — the 60-second key window means there's nothing to rotate, nothing to revoke, nothing exposed on developer machines. - ---- - -## X / Twitter (140–280 chars) - -### Version A — Infrastructure angle ✅ (ops simplicity, approved primary) -``` -Your SaaS-provisioned EC2 workspace has a terminal tab. No SSH keys needed. - -Molecule AI connects via EC2 Instance Connect Endpoint — IAM-authorized, no bastion, no public IP required. - -One click. You're in. -``` - -### Version B — Zero credential overhead (ops simplicity) -``` -Connecting to a cloud VM used to mean: SSH key, bastion host, public IP, and a security review. - -EC2 Instance Connect changes that. Your IAM role is the auth layer. No keys on disk. No rotation. No gap. - -The terminal just works. -``` - -### Version C — Developer angle (DX) -``` -Your agent's EC2 workspace just got a terminal tab. - -No pre-configured SSH keys. No bastion. No public IP needed. - -Molecule AI handles EC2 Instance Connect for you — IAM-authorized, PTY over WebSocket, in the canvas. - -That's the SaaS difference. -``` - -### Version D — Security / Enterprise (zero key rot) ✅ -``` -SSH key left on a laptop. Former employee. Rotation takes a week. - -EC2 Instance Connect: every connection uses an ephemeral key pushed to instance metadata — valid 60 seconds, never touches a developer machine. - -No orphaned keys. No rotation SLAs. IAM is the auth layer. - -Security teams notice this architecture. -``` - -### Version E — Ephemeral key story (new — security lead) -``` -Traditional SSH: key lives on disk, gets shared, gets forgotten, becomes a liability. - -EC2 Instance Connect SSH in Molecule AI: a temporary RSA key appears in instance metadata for 60 seconds, then disappears. - -No key on disk. No key rotation. No blast radius when someone leaves. - -The terminal just works. The key doesn't outlast the session. -``` - -### Version F — Problem → solution (ops lead) -``` -Problem: SaaS-provisioned EC2 workspaces don't have a terminal tab without SSH keys, a bastion, and a public IP. - -Solution: EC2 Instance Connect Endpoint. IAM-authorized. Platform-initiated. No user-side key management. - -Your canvas workspace just got a shell. -``` - ---- - -## LinkedIn (100–200 words) - -``` -Getting a terminal into a cloud VM shouldn't require a security review, a bastion host, and an SSH keypair. - -For SaaS-provisioned workspaces — the ones running on Fly Machines or EC2 — that was the reality until this week. Connecting to a remote VM meant: pre-configured keys, a jump box, and either a public IP or an SSM agent installed per instance. - -EC2 Instance Connect Endpoint changes this. The platform's IAM credentials authorize the connection. A temporary RSA key appears in the instance metadata (valid for 60 seconds), and the session is proxied over WebSocket to the canvas terminal tab. No keys on disk. No bastion. No configuration required. - -The terminal tab appears automatically for every CP-provisioned workspace. The connection is IAM-authorized, so every session is attributable in CloudTrail. Revocation is immediate — stop the IAM role, the connection stops. - -This is what SaaS terminal access looks like when it's designed for agents, not humans with SSH config files. -``` - ---- - -## Image suggestions - -| Post | Image | Source | -|---|---|---| -| X Version A | Canvas screenshot: terminal tab open on a REMOTE badge workspace | Custom: needs DevRel code demo screenshot | -| X Version D | Timeline graphic: "Key pushed to metadata → 60s window → key invalidated" | Custom: AWS/EC2 flow diagram | -| X Version E | Before/after: key-on-disk vs ephemeral key lifecycle | Custom graphic | -| X Version F | Problem/solution card: "Before: bastion + keys + public IP" vs "After: one click, canvas terminal" | Custom graphic | -| LinkedIn | Canvas terminal screenshot with REMOTE badge | Custom | - ---- - -## Hashtags - -`#MoleculeAI` `#AWS` `#EC2` `#AIInfrastructure` `#AgentPlatform` `#DevOps` `#Security` `#A2A` `#RemoteWorkspaces` - -**Note:** `#AgenticAI` removed — does not appear in Phase 30 positioning brief; keep messaging consistent. - ---- - -## CTA - -`moleculesai.app/docs/infra/workspace-terminal` - ---- - -## Campaign timing - -Dependent on: DevRel code demo (#1545) → Content Marketer blog (#1546) → Social Media Brand launch thread. -Recommended: Coordinate with DevRel screencast; social posts should reference the demo for credibility. - ---- - -*PMM drafted 2026-04-22 — updated 2026-04-22 (GH issue #1637 positioning decision: lead with ops simplicity, highlight ephemeral key property in security-focused posts)* -*Positioning brief: `docs/marketing/launches/pr-1533-ec2-instance-connect-ssh.md`* diff --git a/docs/marketing/social/fly-deploy-anywhere-social-copy.md b/docs/marketing/social/fly-deploy-anywhere-social-copy.md deleted file mode 100644 index 9fba75d3..00000000 --- a/docs/marketing/social/fly-deploy-anywhere-social-copy.md +++ /dev/null @@ -1,91 +0,0 @@ -# Fly.io Deploy Anywhere — Social Copy -**Campaign:** Fly.io Deploy Anywhere | **Blog:** `docs/blog/2026-04-17-deploy-anywhere/index.md` -**Canonical URL:** `moleculesai.app/blog/deploy-anywhere` -**Status:** DRAFT — PMM wrote this copy; no file existed anywhere before this entry -**Owner:** PMM → Social Media Brand | **Day:** T+3 (campaign delayed from April 17) - ---- - -## X (140–280 chars) - -### Version A — Infrastructure freedom -``` -Your cloud. Your choice. - -Molecule AI workspaces now run on Docker, Fly.io, or your control plane — with one config change. No agent code changes. No migration tax. - -Your agents. Your infra. -``` - -### Version B — Developer pain -``` -Setting up AI agent infrastructure on Fly.io took a week. With Molecule AI it takes one environment variable. - -Three variables. Done. That's it. -``` - -### Version C — Multi-cloud reality -``` -Most agent platforms assume you run Docker. Molecule AI doesn't. - -Docker, Fly.io, or control plane — the backend is a runtime choice, not an architectural commitment. Your agent code stays the same. -``` - -### Version D — Indie dev angle -``` -Fly.io's economics for AI agents — scale to zero when nobody's working, pay per use. - -Molecule AI workspaces run on Fly Machines. Zero config. One env var. Production-ready from day one. -``` - ---- - -## LinkedIn (100–200 words) - -``` -Your infrastructure choice just got decoupled from your agent platform choice. - -Molecule AI ships three production-ready workspace backends — Docker, Fly.io, and a control plane — and switching between them takes a single environment variable. Your agent code, model choices, and workspace topology stay exactly the same. - -Until this week, if you wanted Fly.io's economics — pay-per-use compute, fast cold starts, scale to zero when nobody's working — you had to migrate your agent platform. That trade-off is gone. - -Today: set three environment variables on your Molecule AI tenant instance, and your workspaces provision as Fly Machines. No separate Docker host. No idle infrastructure. Your agents run on Fly.io with Molecule AI's canvas, A2A protocol, and auth model — same platform, different backend. - -Set it and forget it — until you want to switch back. - -Molecule AI workspace backends: Docker, Fly.io, Control Plane. One config change. -``` - ---- - -## Image suggestions - -| Post | Image | -|---|---| -| X Version A | Comparison card: Docker vs Fly.io vs Control Plane — three boxes, same logo | -| X Version B | Terminal: 3 env vars → workspace online on Fly.io | -| X Version C | Diagram: "Backend = runtime choice" — agent code central, 3 arrows to Docker/Fly.io/Control Plane | -| LinkedIn | Fleet diagram (reusable from Phase 30 — same visual, different caption) | - ---- - -## Hashtags - -`#MoleculeAI` `#FlyIO` `#AIInfrastructure` `#AgentPlatform` `#DevOps` `#AIAgents` `#A2A` `#RemoteWorkspaces` - -**Note:** `#AgenticAI` removed per Phase 30 positioning brief. `#AIAgents` and `#A2A` added for cross-campaign consistency. - ---- - -## Campaign timing note - -Blog went live April 17. As of April 22 this campaign is 5 days stale. Recommend one of: -- Fold into Phase 30 social push as a variant (low effort, reuse fleet diagram) -- Hold for a Fly Machines pricing/GA moment -- Drop from active queue - -Confirm with Marketing Lead. - ---- - -*PMM drafted 2026-04-21 — no prior social copy file found anywhere in workspace* diff --git a/docs/marketing/social/phase30-social-copy.md b/docs/marketing/social/phase30-social-copy.md deleted file mode 100644 index 36aed7a0..00000000 --- a/docs/marketing/social/phase30-social-copy.md +++ /dev/null @@ -1,91 +0,0 @@ -# Phase 30 — Short-Form Social Copy -**Source:** PR #1306 merged to origin/main (2026-04-21) -**Status:** MERGED — awaiting Marketing Lead approval for publishing - ---- - -## X (140–280 chars) - -### Version A — Technical -``` -Phase 30 ships: Molecule AI remote workspaces are GA. - -Agents running on your laptop, AWS, GCP, or on-prem now register to the same org as your Docker agents. Same A2A. Same auth. Same canvas. - -Remote badge. That's the only difference. -→ docs: https://moleculesai.app/docs/guides/remote-workspaces -``` - -### Version B — Product -``` -Your laptop is now a valid Molecule AI runtime. - -One org. Mixed fleet: Docker agents on the platform, remote agents wherever your infrastructure lives. One canvas. One audit trail. - -Phase 30 is live. -``` - -### Version C — Developer -``` -How to run a Molecule AI agent on your laptop in 3 steps: - -1. Create a workspace (runtime: external) -2. Run the Python SDK -3. Watch it appear on the canvas - -That's it. Phase 30 is live. -docs → https://moleculesai.app/docs/guides/remote-workspaces -``` - -### Version D — Enterprise -``` -Multi-cloud AI agent fleets, single governance plane. - -Phase 30: agents on AWS, GCP, on-prem, your laptop — all visible in one canvas, all governed by the same platform auth, all auditable. - -GA today. -``` - ---- - -## LinkedIn (150–300 words) - -``` -We're launching Phase 30: Remote Workspaces. - -Most AI agent platforms assume all agents run in the same environment as the control plane. Molecule AI didn't — but until today, that's where the story ended. - -Phase 30 changes that. Your agent can now run anywhere: - -- On a developer's laptop, for local iteration and debugging -- On AWS or GCP, for production workloads in your cloud -- On an on-premises server, for enterprise environments with data residency requirements -- On a third-party endpoint, for existing SaaS integrations - -And from the canvas, you can't tell the difference. Same workspace card. Same status. Same chat tab. Same audit trail. The only visible signal: a purple REMOTE badge. - -The governance is the same. The A2A protocol is the same. The auth contract is the same. Where the agent runs is a deployment detail — not an architectural constraint. - -Phase 30 is generally available today. - -See the quick start → [link] -Read the guide → [link] -``` - ---- - -## Image suggestions per post - -| Post | Best image | -|---|---| -| X Version A (Technical) | Fleet diagram: `marketing/assets/phase30-fleet-diagram.png` | -| X Version B (Product) | Canvas screenshot: `marketing/assets/phase30-canvas-remote-badge.png` (once captured) | -| X Version C (Developer) | Terminal screenshot: `python3 run.py` + canvas showing REMOTE badge | -| X Version D (Enterprise) | Fleet diagram (same as A) | -| LinkedIn | Fleet diagram OR canvas screenshot | - ---- - -## Hashtags - -`#MoleculeAI` `#RemoteWorkspaces` `#AIAgents` `#AgentFleet` `#AIPlatform` `#MCP` `#A2A` `#MultiCloud` diff --git a/marketing/assets/phase30-fleet-diagram-notes.txt b/marketing/assets/phase30-fleet-diagram-notes.txt deleted file mode 100644 index b93c21a2..00000000 --- a/marketing/assets/phase30-fleet-diagram-notes.txt +++ /dev/null @@ -1,108 +0,0 @@ -DESIGN NOTES — phase30-fleet-diagram.png -========================================= -Generated by: /workspace/gen_fleet_diagram.py (matplotlib / Python) -Output size: 128,967 bytes · nominal 1800×1050 px at 150 dpi - -──────────────────────────────────────────────────────────────────────────── -COLOUR PALETTE -──────────────────────────────────────────────────────────────────────────── -Background / Canvas - #0A0E1A Deep navy Background (facecolor on save) - -Panel interiors - #111827 Dark steel Agent boxes, Platform box interior fill - -Panel borders / accents - #1F2A40 Muted slate PANEL_EDGE (reserved, not rendered) - -Brand colours used - #4A90D9 Molecule Blue Platform box border, A2A Proxy sections, - connector line: platform → canvas - - #8B5CF6 Purple REMOTE Agent Fleet boxes (border, header tint, - dashed outer ring, fan-in connector lines) - - #22C55E Green Online/active status dots (×5 per agent), - "Canvas" box border, canvas live dot, - "One canvas / All agents" text - - #F59E0B Amber/Orange "WebSocket Fanout" label inside platform box - -Supporting neutrals - #94A3B8 Steel gray Body text, sub-labels (endpoint paths, - Secrets Management, State Polling, etc.) - - #F1F5F9 Near white Title text, "Molecule AI Platform" header, - box title labels - - #60A5FA Light blue Section headers inside platform (A2A Proxy, - Registry + Heartbeat) — lighter tint of - Molecule Blue for sub-panel hierarchy - -──────────────────────────────────────────────────────────────────────────── -TYPOGRAPHY -──────────────────────────────────────────────────────────────────────────── -Font family : DejaVu Sans (matplotlib default, no custom .ttf loaded) -Title : 13 pt bold #F1F5F9 -Subtitle : 7 pt #94A3B8 -Box titles : 9 pt bold #F1F5F9 -Section heads: 7.5 pt bold #60A5FA (inside platform box) -Body labels : 5.5–5.8 pt #94A3B8 -Agent names : 6.5 pt bold #F1F5F9 -FW pill : 6.0 pt bold #F1F5F9 (on purple background) -Legend items : 6.5 pt #94A3B8 -Version tag : 5.5 pt #94A3B8 (60% alpha) - -──────────────────────────────────────────────────────────────────────────── -VISUAL ELEMENTS -──────────────────────────────────────────────────────────────────────────── -Agent icon labels (top-left of each agent box) - EC2 — AWS EC2 - Mac — Laptop/Mac - Srv — On-Prem - -Framework pills (centre of each agent box, purple background) - [ LangGraph ] [Claude Code] [ CrewAI ] - -Status dots — 5 green dots per agent box, radius 0.075 figure-units, -spaced 0.26 apart, centred horizontally in each box. - -Dashed outer rings — thin (0.9 pt) dashed border surrounds each box -category with its brand colour at ~45–50% alpha. - -Connector lines — solid, 1.2 pt purple for fan-in from agents to platform; -1.4 pt blue for platform-to-canvas drop. Arrowhead at destination end. - -──────────────────────────────────────────────────────────────────────────── -REFINEMENT CHECKLIST (design team) -──────────────────────────────────────────────────────────────────────────── -□ Swap "EC2 / Mac / Srv" labels for proper cloud-platform icons - (AWS logo, macOS logo, server rack icon) via a bundled .ttf or - matplotlib.matplotlib_fname() + FontManager trick to register a - custom icon font such as Font Awesome 6 Free. -□ Align connector lines to converge at a single "junction point" above - the platform box rather than three separate lines fanning from - identical y-coordinates — more closely mirrors the ASCII diagram. -□ Add a faint grid or dot-grid background texture to the figure canvas - to reinforce the tech/diagram aesthetic. -□ Consider a subtle horizontal divider inside each agent box between - the header band and the framework pill / dots area. -□ Source the Molecule AI wordmark / logo SVG and embed it in the - platform title bar (requires converting SVG → matplotlib transforms - or rasterising to a numpy array via Pillow). -□ Export at 300 dpi for print-ready assets; current 150 dpi is - optimised for screen/web display. -□ Validate colour contrast ratios (WCAG AA) for body text on dark bg — - #94A3B8 on #0A0E1A should be re-checked; may need to shift body - text to #B0BEC5 or lighter for legibility. - -──────────────────────────────────────────────────────────────────────────── -REPRODUCIBILITY -──────────────────────────────────────────────────────────────────────────── -matplotlib >= 3.5 -numpy (bundled with matplotlib) -Python >= 3.8 -Pillow (not required for this script — pure matplotlib rendering) - -Run: python /workspace/gen_fleet_diagram.py -Output: /workspace/marketing/assets/phase30-fleet-diagram.png \ No newline at end of file diff --git a/marketing/assets/phase30-fleet-diagram.png b/marketing/assets/phase30-fleet-diagram.png deleted file mode 100644 index 583e971d..00000000 Binary files a/marketing/assets/phase30-fleet-diagram.png and /dev/null differ diff --git a/marketing/audio/audit-chain-verification-script.txt b/marketing/audio/audit-chain-verification-script.txt deleted file mode 100644 index 21f9ea97..00000000 --- a/marketing/audio/audit-chain-verification-script.txt +++ /dev/null @@ -1,15 +0,0 @@ -Every time an agent in your Molecule AI organization does something — delegates a task, calls a tool, reads a secret, or makes an external API call — that event is written to an append-only audit log. That log is chained with HMAC-SHA256 so that any tampering with past entries is detectable, provable, and logged. - -This post explains how that system works, and what changed in Pull Request number one-three-three-nine. - -The problem with plain audit logs is that nothing stops someone with database access from editing past rows. A malicious actor can remove or modify entries, and the log looks perfectly fine. - -Molecule AI's audit ledger is an append-only, chain-verified log. Each entry contains the event data, an HMAC-SHA256 of the current entry signed with a server-side secret, and the HMAC of the previous entry embedded as part of the signing context. This creates a chain — every entry's HMAC depends on the previous entry's HMAC. If you change any past entry, its HMAC changes. That breaks the chain at the next verification step. - -Verify Audit Chain walks the log from the beginning, recomputing each HMAC and comparing it against the stored value. If every entry verifies, the chain is intact. If an entry fails to verify, the function returns false. The tamper is detectable. - -Organization-scoped API keys are the attribution layer on top of the integrity layer. Each organization key carries a name, a hash, and a prefix. Every authenticated call carries that prefix in the audit row. Combined with the HMAC chain, you get integrity and attribution simultaneously. - -The bug Pull Request one-three-three-nine fixed was a panic vulnerability. In Go, slicing a string beyond its length causes a panic. Verify Audit Chain was using a twelve-character truncation on HMACs for log readability. But if an audit row had been corrupted, the stored HMAC could be shorter than twelve bytes, and the verification pass would crash. The fix adds a length check before truncation. The logic is unchanged — if the HMAC is long enough, the same twelve-character prefix is logged. If it is short or missing, a shorter prefix is logged. Either way, the chain verification still runs, and mismatches still fail correctly. - -For teams running SOC two or ISO twenty-seven-zero-zero-one, this is the difference between, here's a log, and, here is a cryptographically verifiable, attributable record of everything that happened. \ No newline at end of file diff --git a/marketing/audio/audit-chain-verification.mp3 b/marketing/audio/audit-chain-verification.mp3 deleted file mode 100644 index 7b1d21fa..00000000 Binary files a/marketing/audio/audit-chain-verification.mp3 and /dev/null differ diff --git a/marketing/audio/audit-trail-observability.mp3 b/marketing/audio/audit-trail-observability.mp3 deleted file mode 100644 index 00fb0b7f..00000000 Binary files a/marketing/audio/audit-trail-observability.mp3 and /dev/null differ diff --git a/marketing/audio/chrome-devtools-mcp-summary.mp3 b/marketing/audio/chrome-devtools-mcp-summary.mp3 deleted file mode 100644 index fd91cce8..00000000 Binary files a/marketing/audio/chrome-devtools-mcp-summary.mp3 and /dev/null differ diff --git a/marketing/audio/phase30-announce.mp3 b/marketing/audio/phase30-announce.mp3 deleted file mode 100644 index d51b2db7..00000000 Binary files a/marketing/audio/phase30-announce.mp3 and /dev/null differ diff --git a/marketing/audio/phase30-script.txt b/marketing/audio/phase30-script.txt deleted file mode 100644 index 7550bf4b..00000000 --- a/marketing/audio/phase30-script.txt +++ /dev/null @@ -1,13 +0,0 @@ -Molecule AI ships Phase 30 today — Remote Workspaces is generally available. - -Starting now, any agent can run anywhere: your laptop, a different cloud, an edge device, a third-party endpoint. It registers with your Molecule org, appears on the canvas with a remote badge, receives tasks from parent agents, and reports status — just like an agent running in Docker. - -The auth contract is the same. The A2A protocol is the same. The canvas experience is the same. The only difference is where the agent's process lives. - -Here's what Phase 30 delivers. Workspace auth tokens so every remote agent has a cryptographic identity. A secrets pull endpoint so API keys are managed centrally, not baked into container images. A state polling interface so agents can stay alive without a WebSocket connection. And an SDK — Python, dependency-light, just requests — that wraps all of it. - -To onboard a remote agent: create a workspace with runtime external, point it at your platform URL, and run the SDK. Within seconds it shows up on the canvas, purple badge and all. - -Phase 30 turns Molecule AI from a self-hosted tool into an enterprise agent fleet platform. Agents run anywhere. Governance stays in one place. - -Learn more at moleculesai dot A I, and check the docs for the quick start guide. diff --git a/marketing/audio/phase30-video-vo-mandarin-script.txt b/marketing/audio/phase30-video-vo-mandarin-script.txt deleted file mode 100644 index 8b664a9c..00000000 --- a/marketing/audio/phase30-video-vo-mandarin-script.txt +++ /dev/null @@ -1,7 +0,0 @@ -Phase 30 正式发布 — Molecule AI 远程工作区现已全面可用。 - -笔记本、云服务器、本地机房 — 都可以是 Molecule AI 的运行时。代理注册到组织,在画布上显示远程徽章,接收任务并上报状态。相同的 A2A 协议,相同的身份认证。 - -接入只需三步:将工作区运行时设为 external,指向平台地址,运行 SDK。几秒内出现在画布上,紫色徽章,一切就绪。 - -代理运行在任何地方,治理收于一处。 diff --git a/marketing/audio/phase30-video-vo-mandarin.mp3 b/marketing/audio/phase30-video-vo-mandarin.mp3 deleted file mode 100644 index 75129808..00000000 Binary files a/marketing/audio/phase30-video-vo-mandarin.mp3 and /dev/null differ diff --git a/marketing/audio/phase30-video-vo-script.txt b/marketing/audio/phase30-video-vo-script.txt deleted file mode 100644 index 63c649e8..00000000 --- a/marketing/audio/phase30-video-vo-script.txt +++ /dev/null @@ -1,7 +0,0 @@ -Phase 30 is live — Molecule AI Remote Workspaces is generally available. - -Your laptop, a cloud instance, an on-premises server — any of these is now a valid Molecule AI runtime. An agent running anywhere registers with your org, appears on the canvas with a remote badge, receives tasks from parent agents, and reports status. Same A2A protocol. Same auth contract. Same canvas. - -To onboard a remote agent: create a workspace with runtime external, point it at your platform URL, and run the SDK. Within seconds, it shows up on the canvas — purple badge and all. - -Agents run anywhere. Governance stays in one place. diff --git a/marketing/audio/phase30-video-vo.mp3 b/marketing/audio/phase30-video-vo.mp3 deleted file mode 100644 index ae0838f4..00000000 Binary files a/marketing/audio/phase30-video-vo.mp3 and /dev/null differ diff --git a/marketing/audio/quickstart-audio.mp3 b/marketing/audio/quickstart-audio.mp3 deleted file mode 100644 index 826201a4..00000000 Binary files a/marketing/audio/quickstart-audio.mp3 and /dev/null differ diff --git a/marketing/community/community-announcements.md b/marketing/community/community-announcements.md deleted file mode 100644 index 0892f9f6..00000000 --- a/marketing/community/community-announcements.md +++ /dev/null @@ -1,124 +0,0 @@ -# Phase 30 Launch — Community Announcements - -> **For:** DevRel / Community Manager | **Status:** Draft -> **Channels:** Discord, Slack (public channels), relevant forums - ---- - -## Discord — #announcements - -**Subject:** Phase 30 is GA — Remote Workspaces are live - -``` -Phase 30 is generally available as of today. - -Remote Workspaces let you run Molecule AI agents on any machine — your laptop, a cloud VM, an on-prem server — and they show up in Canvas like every other workspace. Same auth, same A2A protocol, same audit trail. - -Quickstart → https://moleculesai.app/docs/guides/remote-workspaces - -Two features that shipped with Phase 30 worth highlighting: -• AGENTS.md auto-generation — peer agents can read each other's manifest without system prompts (AAIF standard) -• Cloudflare Artifacts integration — workspace state can be versioned in a git repo, forked into new agents - -Demo walkthroughs → https://moleculesai.app/docs/marketing/demos - -Questions? Drop them here or in #support. -``` - ---- - -## Discord — #remote-workspaces (new or existing channel) - -``` -Heads up: Remote Workspaces are now GA in Phase 30. - -If you've been waiting for a way to run agents locally (for debugging) or in your own cloud account, this is the release. - -What changed: -• Agent runtime: remote (connects via WSS, no inbound ports needed) -• Auth: org-scoped bearer token — same as container workspaces -• Canvas: REMOTE badge shows the runtime type -• A2A: works across container/remote without code changes - -Docs → https://moleculesai.app/docs/guides/remote-workspaces -FAQ → https://moleculesai.app/docs/guides/remote-workspaces-faq - -Known issues → reply here or ping me. -``` - ---- - -## Slack — #general or #launch (public org Slack) - -``` -Phase 30 is live. - -Remote Workspaces are now generally available. You can run Molecule AI agents on your own infrastructure — laptop, cloud VM, on-prem — and they'll register to your org and appear in Canvas. - -Key detail for teams evaluating data residency: agent compute can stay on your infrastructure. The platform handles orchestration, auth, and coordination. - -Docs: https://moleculesai.app/docs/guides/remote-workspaces -Quickstart: https://moleculesai.app/docs/guides/remote-workspaces#quick-start -Launch post: https://moleculesai.app/blog/remote-workspaces-ga -``` - ---- - -## Slack — #devrel / #community (ecosystem channels) - -``` -Phase 30 is GA. - -Two things that shipped that the agent ecosystem community might care about: - -1. AGENTS.md is now auto-generated at workspace boot — implements the AAIF / Linux Foundation standard. Peer agents can discover each other's identity and tools without reading system prompts. PR: molecule-core#763 - -2. Cloudflare Artifacts git integration — every workspace can have a git repo for versioned state snapshots. Fork the repo to bootstrap a new agent from any checkpoint. PR: molecule-core#641 - -Working demos with full API examples: https://moleculesai.app/docs/marketing/demos - -If you're building agent coordination tooling, these two features should make your life easier. -``` - ---- - -## Reddit — r/MachineLearning / r/LocalLLaMA (if applicable) - -**Post title:** Molecule AI Phase 30: Remote Workspaces are GA — agents that run on your own infrastructure - -**Body:** -**Body:** - -Molecule AI Phase 30 launched today — Remote Workspaces are now generally available. - -Until now, all Molecule AI agents ran on the platform's Docker infrastructure. Phase 30 lets you run agents on your own hardware: your laptop, a cloud VM, an on-prem server. They register to your org and appear in the same Canvas as your platform agents. - -What this means practically: -- Run agents locally for debugging with your IDE, while they participate in your org's task pipeline -- Keep agent compute on your own infrastructure for data-residency requirements -- Mix Docker and remote agents in the same org — Canvas shows them identically, A2A works across both - -The auth model is the same: workspace-scoped bearer tokens, revocable per-agent. No shared secrets. - -Quick-start is under 5 minutes. Install the Python SDK, create a workspace with `runtime: external`, and your agent registers and appears in Canvas. - -Docs: https://moleculesai.app/docs/guides/remote-workspaces -GitHub: https://github.com/Molecule-AI/molecule-core - -(PRs #1075-1083, 1085-1100) - ---- -*[Short version — trim to 300 words for r/MachineLearning if needed.]* - ---- - -## Notes - -- Post Discord/Slack announcements the morning of launch day (09:00 UTC window) -- Reddit posts should go up after Discord/Slack (don't want to look like spam across channels simultaneously) -- Customize [CHANNEL-WELCOME-TONE] per channel — `#general` should be accessible, `#engineering` can be more technical -- All links assume docs site is live — confirm before posting - ---- - -*Drafted by DevRel. Customize sender name and channel-specific opening lines before posting.* diff --git a/marketing/community/hacker-news-launch.md b/marketing/community/hacker-news-launch.md deleted file mode 100644 index 811ddbe2..00000000 --- a/marketing/community/hacker-news-launch.md +++ /dev/null @@ -1,108 +0,0 @@ -# Phase 30 Launch — Hacker News Submission Guide - -> **For:** DevRel / whoever submits | **Status:** Draft — submit when ready -> **Trigger:** After blog post is live on docs site - ---- - -## Why HN? - -Hacker News has a large developer and technical audience that overlaps with Molecule AI's target users: platform engineers, indie developers building with AI, and technical evaluators. A well-crafted HN post can drive significant docs traffic and signups. - ---- - -## What to Submit - -**URL:** The Phase 30 launch blog post at `https://moleculesai.app/blog/remote-workspaces-ga` - -**Title options:** - -| Option | Title | When to use | -|---|---|---| -| A | Show HN — Phase 30: run AI agents on your laptop, your cloud, anywhere | Standard launch | -| B | Show HN — Molecule AI launches Remote Workspaces (GA) | If the "Show HN" prefix is too meta | -| C | Show HN — We built a fleet management layer for AI agents | Developer-heavy audience, less marketing | - -**Recommended:** Option A — HN readers respond well to technical products with a clear "what it does" title. - ---- - -## What to Write in the HN Post Body - -The blog post is the destination. The HN post body is a 2–3 paragraph pitch that earns the click. Write it yourself — don't paste the full blog post. - -**Template:** - -``` -We just shipped Phase 30 — Remote Workspaces is now GA. - -Most AI agent platforms assume all agents run inside the platform's infrastructure. Phase 30 lets agents run anywhere: your laptop, a VM in your own cloud account, an on-prem server. They register to the same org, appear in the same Canvas, and communicate via the same A2A protocol. - -The governance is the same. The auth contract is the same. The only visible difference is a REMOTE badge on the workspace card. - -Quickstart is under 5 minutes: - pip install molecule-ai-sdk - python3 run.py --runtime remote - -Docs, demo, and quickstart guide in the link. - -(I'm [NAME] from the Molecule AI team — AMA.) -``` - -**Key HN-specific rules:** -- Don't use "I" too many times — but the "(I'm ... AMA)" close is expected and encouraged -- Don't hard-sell or use marketing language — just describe the product -- Be specific about what it does ("A2A protocol", "workspace auth tokens") — that signals technical depth -- Keep it short — 2–3 paragraphs, not an essay - ---- - -## When to Submit - -**Timing matters:** - -- Submit when HN traffic is high but not oversaturated -- **Best window:** Tuesday–Thursday, 10:00–13:00 UTC (roughly when US East Coast is morning and Europe is mid-day) -- **Avoid:** Mondays (low traffic), Fridays (weekend readers don't upvote), major news events -- **Recommended day:** Wednesday of launch week, 11:00 UTC - ---- - -## What Happens After Submitting - -1. **Monitor for 2–4 hours** after submission — respond to comments, answer technical questions -2. **Don't be defensive** if criticism comes — acknowledge legitimate issues, don't argue -3. **Upvote your own post once** — this is normal and expected on HN -4. **If it hits the front page:** brace for volume — keep at least one team member monitoring - ---- - -## Comment Templates for Common Questions - -**"How is this different from Modal / Railway?"** -> Modal and Railway run your code on their infrastructure. Molecule AI Remote Workspaces run on yours — you own the compute, the data stays on your machine. We're an orchestration layer, not an inference platform. - -**"How is this different from Cursor / Copilot?"** -> Cursor and Copilot are individual developer tools — one human, one AI. Molecule AI is an agent orchestration platform — multiple autonomous agents coordinating with each other. Remote Workspaces are about running *agents* that collaborate, not just one developer and one AI pairing. - -**"Why would I want agents on my laptop?"** -> Local iteration + debugging with your IDE, while the agent still participates in your org's task pipeline. Also useful for data-residency requirements — agent compute on your infrastructure while orchestration stays on the platform. - -**"Is this production-ready?"** -> Yes — Phase 30 is generally available. Remote Workspaces are in the same GA release as container workspaces. - ---- - -## Alternate: "Ask HN" - -If the team prefers an "Ask HN" format (more engagement, more questions): - -**Title:** Ask HN — What would you build with a remote AI agent that runs on your own infrastructure? - -**Body:** Short framing paragraph + question. This format tends to get high comment volume. Risk: less control over the narrative. - -**Recommended format for launch:** Standard URL submission. More traffic, cleaner signal. - ---- - -*Replace [NAME] with actual submitter name before posting.* diff --git a/marketing/copy/phase30-landing-copy.md b/marketing/copy/phase30-landing-copy.md deleted file mode 100644 index 8b01fb78..00000000 --- a/marketing/copy/phase30-landing-copy.md +++ /dev/null @@ -1,76 +0,0 @@ -# Phase 30 — Remote Workspaces: Landing Page Copy - -> **Cycle:** Marketing work cycle — offline content prep -> **Status:** Draft for Marketing Lead review -> **Placement:** Primary CTA section and benefit blocks on the Phase 30 landing page - ---- - -## Hero Section - -**Headline:** Agents that run where you need them. - -**Subheadline:** Remote Workspaces let your AI agents operate on any machine — your laptop, a data-center VM, a customer environment — while staying fully managed in Molecule AI Canvas. - ---- - -## Primary CTA Block - -**Button:** Start with Remote Workspaces → - -**Microcopy below button:** No credit card. 5-minute setup. Runs on any machine with outbound HTTPS. - ---- - -## Benefit Block 1 — "Your environment. Your agents." - -**Headline:** Works where your data lives. - -**Body:** Remote Workspaces run on-premises or in your own cloud account. No data leaves your infrastructure — the platform only coordinates the agent. Ideal for regulated environments, on-prem workloads, and data-locality requirements. - ---- - -## Benefit Block 2 — "One Canvas. Every runtime." - -**Headline:** Mixed fleets without compromise. - -**Body:** Run container workspaces for ephemeral tasks and remote workspaces for persistent, environment-specific agents — all visible in the same Canvas. A2A coordination works across runtimes without code changes. - ---- - -## Benefit Block 3 — "Enterprise controls, everywhere." - -**Headline:** Same governance, any infrastructure. - -**Body:** MCP plugin allowlists, org-scoped API keys, workspace audit logs, and session-tier access controls apply to remote workspaces identically. The remote runtime is a transport — not a separate security model. - ---- - -## Social Proof / Trust Bar - -*For [Company] and [Company], data residency isn't optional.* -*Remote Workspaces keep agent compute on your infrastructure — while Canvas keeps you in control.* - ---- - -## Bottom CTA - -**Headline:** Ready to expand your fleet? - -**Body:** Remote Workspaces are in GA. Self-serve setup in minutes. Talk to us if you need a custom enterprise deployment. - -**Button:** Talk to Sales | View the Docs - ---- - -## X/LinkedIn Short-form Variant - -**Option A (technical audience):** -> Your agents. Your infra. Remote Workspaces are GA — run AI agents on any machine while Canvas keeps them coordinated. MCP governance travels with the agent. → [docs link] - -**Option B (buyer audience):** -> Phase 30 is live: Remote Workspaces let your AI agents run where your data lives — on-prem, in your cloud, anywhere. One Canvas. Mixed fleet. Enterprise controls. → [link] - ---- - -*Needs Marketing Lead review for brand voice consistency and competitive callouts.* diff --git a/marketing/demos/README.md b/marketing/demos/README.md deleted file mode 100644 index 50cb02a0..00000000 --- a/marketing/demos/README.md +++ /dev/null @@ -1,65 +0,0 @@ -# Phase 30 Demos — DevRel Package - -Demo specs for two Phase 30-adjacent features requiring working demonstrations. - ---- - -## Demo 1: #1172 — AGENTS.md Auto-Generation - -**Issue:** `Molecule-AI/internal#1172` -**PR:** `molecule-core#763` -**Feature:** `workspace/agents_md.py` — auto-generates `AGENTS.md` at boot using the AAIF standard -**Acceptance:** working demo + repo link + 1-min screencast - -### Files -| File | Description | -|---|---| -| `marketing/demos/agents-md-auto-generation/README.md` | Full working demo, API calls, screencast outline, TTS narration | -| `marketing/demos/agents-md-auto-generation/narration.mp3` | 30s narration audio | - -### Screencast (1 min) -1. Canvas: pm-agent + researcher online -2. Terminal: read PM's AGENTS.md via platform files API -3. AGENTS.md output shown: role, A2A endpoint, tools -4. Researcher sends A2A task to PM using discovered endpoint -5. Canvas shows both active — close on "agents that can read each other" - -### Repo link -`workspace/agents_md.py` on `molecule-core` main -Direct: `workspace/agents_md.py` - ---- - -## Demo 2: #1173 — Cloudflare Artifacts Integration - -**Issue:** `Molecule-AI/internal#1173` -**PR:** `molecule-core#641` -**Feature:** `POST/GET /workspaces/:id/artifacts`, fork, token endpoints — "Git for agents" -**Acceptance:** workspace snapshot to/from CF Artifacts + 1-min screencast - -### Files -| File | Description | -|---|---| -| `marketing/demos/cloudflare-artifacts/README.md` | Full working demo, API calls, screencast outline, TTS narration | -| `marketing/demos/cloudflare-artifacts/narration.mp3` | 30s narration audio | - -### Screencast (1 min) -1. Canvas: workspace online -2. Terminal: `POST /workspaces/:id/artifacts` — repo created, remote URL returned -3. Mint git credential, `git clone` with authenticated URL -4. Write snapshot, `git push` — push succeeds -5. Fork call: `POST /workspaces/:id/artifacts/fork` — new repo created -6. Close on "versioned agent state, built into the platform" - -### Repo link -`workspace-server/internal/handlers/artifacts.go` on `molecule-core` main -Direct: `workspace-server/internal/handlers/artifacts.go` - ---- - -## Audio Assets - -| File | Duration | Voice | Description | -|---|---|---|---| -| `agents-md-auto-generation/narration.mp3` | ~30s | en-US-AriaNeural | AGENTS.md auto-generation narration | -| `cloudflare-artifacts/narration.mp3` | ~30s | en-US-AriaNeural | Cloudflare Artifacts narration | \ No newline at end of file diff --git a/marketing/demos/agents-md-auto-generation/README.md b/marketing/demos/agents-md-auto-generation/README.md deleted file mode 100644 index 59a9bcbc..00000000 --- a/marketing/demos/agents-md-auto-generation/README.md +++ /dev/null @@ -1,178 +0,0 @@ -# AGENTS.md Auto-Generation — Working Demo - -> **PR:** #763 — AGENTS.md auto-generation for Molecule AI workspaces -> **What it ships:** `workspace/agents_md.py` — generates `AGENTS.md` at boot -> **Acceptance criteria:** working demo + repo link + 1-min screencast - ---- - -## What This Demo Shows - -An AI agent (the "coordinator") reads another agent's `AGENTS.md` file to discover its identity, A2A endpoint, and toolset — without reading the full system prompt. This is the AAIF / Linux Foundation AGENTS.md standard in action. - -**The flow:** -1. A PM workspace starts up — `agents_md.py` auto-generates `AGENTS.md` -2. A researcher workspace starts up — same process -3. The researcher reads the PM's `AGENTS.md` to understand what tools it has and how to reach it -4. The researcher dispatches a task to the PM via A2A using the discovered endpoint - ---- - -## Prerequisites - -- Molecule AI platform running (`go run ./cmd/server` from `workspace-server/`) -- Canvas open at `http://localhost:3000` -- Two workspaces: one running as PM role, one as researcher -- For the script demo: `python3` and `requests` - ---- - -## Working Demo Script - -### 1. Check the AGENTS.md file on a running workspace - -On the PM workspace container: - -```bash -# Inside the PM workspace container -cat /workspace/AGENTS.md -``` - -Expected output: -```markdown -# pm-agent - -**Role:** Project Manager - -## Description -PM agent — coordinates tasks, dispatches to reports, manages timeline. - -## A2A Endpoint -http://pm-workspace:8000/a2a - -## MCP Tools -- delegate_to_workspace -- check_delegation_status -- commit_memory -- recall_memory -``` - -The file was generated automatically at boot by `agents_md.py`. It reflects the workspace `config.yaml` in real time — any change to the role, description, or plugins is reflected on the next regeneration. - ---- - -### 2. See the generation in the workspace logs - -The workspace startup log includes: - -``` -INFO agents_md: Generated AGENTS.md at /workspace/AGENTS.md for workspace 'pm-agent' -``` - -This confirms `generate_agents_md()` ran as part of `main.py` startup. - ---- - -### 3. See the regeneration on config change - -If you edit `config.yaml` and call `generate_agents_md()` again: - -```bash -# On the PM workspace -python3 -c " -from agents_md import generate_agents_md -generate_agents_md('/configs', '/workspace/AGENTS.md') -print('Regenerated') -" -cat /workspace/AGENTS.md -``` - -The file reflects the updated role or description immediately. - ---- - -### 4. See a peer agent read the AGENTS.md (demo scenario) - -This is the coordination moment — the scenario from issue #1172. - -```python -# Researcher workspace: read PM's AGENTS.md via the platform files API - -import requests, base64 - -PLATFORM_URL = "http://localhost:8080" -WORKSPACE_TOKEN = "researcher-workspace-token" - -# Get the PM workspace ID (known from canvas or registry) -# For this demo: PM workspace ID = ws-pm-123 - -# Read PM's AGENTS.md via the platform's file API -resp = requests.get( - f"{PLATFORM_URL}/workspaces/ws-pm-123/files/AGENTS.md", - headers={"Authorization": f"Bearer {WORKSPACE_TOKEN}"}, -) -print(resp.json()["content"]) -``` - -Parses the PM's `AGENTS.md`: -```markdown -# pm-agent - -**Role:** Project Manager - -## Description -PM agent — coordinates tasks, dispatches to reports, manages timeline. - -## A2A Endpoint -http://pm-workspace:8000/a2a - -## MCP Tools -- delegate_to_workspace -- check_delegation_status -``` - -Now the researcher knows: -- PM's role is "Project Manager" → it dispatches, not executes -- PM's A2A endpoint → where to send coordination requests -- PM has `delegate_to_workspace` tool → it can cascade tasks to reports - -The researcher then uses this to coordinate: sends a status report to the PM, knowing the PM will route it up or dispatch a follow-up task. - ---- - -## Screencast Outline (1 min) - -**0:00–0:10** Canvas shows two workspaces online — pm-agent and researcher. Researcher node shows current task: "idle". - -**0:10–0:25** Terminal on researcher workspace: `curl` or Python script reads PM's `AGENTS.md` via the platform files API. Output shows the PM's role, A2A endpoint, and tools. - -**0:25–0:40** Researcher sends an A2A task to the PM: "Status: data pipeline complete, ready for review." PM receives it in its canvas chat. - -**0:40–0:55** PM's `AGENTS.md` is shown briefly in the researcher terminal — the researcher used it to understand PM's capabilities before sending the task. - -**0:55–1:00** Canvas shows both workspaces active. Narration: *"AGENTS.md means every agent knows what its peers can do — without reading system prompts."* - ---- - -## Code Reference - -| File | What it does | -|---|---| -| `workspace/agents_md.py` | `generate_agents_md()` — reads `config.yaml`, writes `AGENTS.md` | -| `workspace/main.py` | Calls `generate_agents_md()` at startup | -| `config.py` | `load_config()` — reads `config.yaml` | - -**Source:** `workspace/agents_md.py` (PR #763) - -```python -from agents_md import generate_agents_md - -# Called automatically at startup; can be called again on config change -generate_agents_md(config_dir="/configs", output_path="/workspace/AGENTS.md") -``` - ---- - -## TTS Narration Script (30s) - -> When a PM agent starts up in Molecule AI, it generates an AGENTS.md file automatically — not manually written, not kept in sync by hand. It reflects the workspace config in real time. Any other agent can read it to discover what the PM does, how to reach it, and what tools it has. No system prompts, no guessing. Just the facts. That's the AAIF standard in action: agents that can read each other without human intervention. AGENTS.md auto-generation, from Molecule AI workspace. \ No newline at end of file diff --git a/marketing/demos/agents-md-auto-generation/narration.mp3 b/marketing/demos/agents-md-auto-generation/narration.mp3 deleted file mode 100644 index 196bf2ca..00000000 Binary files a/marketing/demos/agents-md-auto-generation/narration.mp3 and /dev/null differ diff --git a/marketing/demos/agents-md-auto-generation/storyboard.md b/marketing/demos/agents-md-auto-generation/storyboard.md deleted file mode 100644 index 3f7b4e4b..00000000 --- a/marketing/demos/agents-md-auto-generation/storyboard.md +++ /dev/null @@ -1,163 +0,0 @@ -# Screencast Storyboard — AGENTS.md Auto-Generation - -> **PR:** #763 | **Feature:** `workspace/agents_md.py` | **Duration:** 60 seconds -> **Format:** Terminal-led with Canvas overlay cuts - ---- - -## Pre-roll (0:00–0:03) - -**Canvas — full screen** -Two workspace cards in Canvas: `pm-agent [ONLINE]` and `researcher [IDLE]`. - -Narration (VO, 0:00–0:03): -> "Two agents. The PM coordinates. The researcher does the work. They need to talk to each other — without humans in the loop." - -**Camera:** Static Canvas view. No cursor movement. Clean frame. - ---- - -## Moment 1 — PM boots, AGENTS.md generated (0:03–0:12) - -**Cut to:** Terminal window, terminal prompt: `agent@pm-workspace:~$` - -```bash -# Simulate the workspace startup — truncated log -INFO main: Starting workspace pm-agent -INFO agents_md: Generating AGENTS.md for workspace 'pm-agent' -INFO agents_md: Generated AGENTS.md at /workspace/AGENTS.md -INFO a2a: A2A server listening on :8000 -INFO main: Workspace 'pm-agent' online -``` - -**Camera:** Type-in animation. Cursor blinks. Text appears line by line (simulate with playback speed 2x). - -Narration (0:06–0:12): -> "When the PM workspace starts up, AGENTS.md is generated automatically — from the config file, not a human." - -**Highlight:** `INFO agents_md: Generated AGENTS.md at /workspace/AGENTS.md` — brief yellow highlight ring (1s). - ---- - -## Moment 2 — Researcher reads PM's AGENTS.md (0:12–0:25) - -**Cut to:** Second terminal tab. Prompt: `agent@researcher:~$` - -```python -import requests - -resp = requests.get( - "https://acme.moleculesai.app/workspaces/ws-pm-123/files/AGENTS.md", - headers={"Authorization": "Bearer researcher-token-xxx"}, -) -print(resp.json()["content"]) -``` - -**Cut to:** Terminal output (scroll): - -``` -# pm-agent - -**Role:** Project Manager - -## Description -PM agent — coordinates tasks, dispatches to reports, manages timeline. - -## A2A Endpoint -http://pm-workspace:8000/a2a - -## MCP Tools -- delegate_to_workspace -- check_delegation_status -``` - -**Camera:** Scroll to show the full file. Hold 2s. - -Narration (0:14–0:22): -> "The researcher reads the PM's AGENTS.md — through the platform API. Instantly knows the PM's role, its A2A endpoint, and the tools it has." - -**Highlight:** `A2A Endpoint` and `MCP Tools` lines — brief underline pulse. - -**Callout text appears bottom-left:** -`No system prompts. No documentation lookup. Just the facts.` - ---- - -## Moment 3 — Researcher dispatches A2A task (0:25–0:42) - -**Terminal continues:** - -```python -from a2a import A2ATask - -task = A2ATask( - to="http://pm-workspace:8000/a2a", - type="status_report", - payload={ - "milestone": "data-pipeline", - "status": "complete", - "artifacts": ["dataset-v3.parquet"], - } -) -result = task.send() -print(result) -``` - -**Terminal output:** - -``` -{"task_id": "task-abc-456", "status": "queued", "pm_receipt": "2026-04-21T00:00:22Z"} -``` - -**Camera:** Type-in animation. Brief hold on result JSON. - -Narration (0:27–0:35): -> "Now the researcher has everything it needs. It sends an A2A task to the PM — using the endpoint it discovered from AGENTS.md. No hardcoded addresses." - ---- - -## Moment 4 — PM receives task (0:42–0:52) - -**Cut to:** Canvas — pm-agent card. - -New message bubble appears in pm-agent's canvas chat: -`researcher: Status report — data-pipeline complete. 1 artifact ready.` - -Below the message, status indicator changes: `pm-agent [ACTIVE]` - -Researcher card shows: `researcher [DISPATCHED]` - -Narration (0:42–0:48): -> "The PM receives it in Canvas. Status updated. The coordination happened without human input — AAIF in action." - ---- - -## Close (0:52–1:00) - -**Canvas — full frame.** Both cards visible. `pm-agent [ACTIVE]` + `researcher [DISPATCHED]`. - -Narration (0:52–0:58): -> "AGENTS.md means every agent knows what its peers can do — without reading system prompts. Auto-generated. Always current. That's the AAIF standard, from Molecule AI." - -**End card:** - -``` -AGENTS.md Auto-Generation -workspace/agents_md.py — molecule-core#763 -``` - -**Fade to black.** - ---- - -## Production Notes - -- **Terminal theme:** Dark, monospace, minimal chrome. Use `ITerm2` profile "Molecule Dark" or equivalent. -- **Font:** SF Mono 14pt or JetBrains Mono 13pt. -- **Canvas cutaways:** Use the dev canvas at `localhost:3000` with two workspaces in active states. Pre-record these moments. -- **Camera:** Screenflow or Camtasia for macOS. Record at 1440×900, export at 1080p. -- **VO recording:** Record after final edit is locked. Use `en-US-AriaNeural` as reference voice for timing. -- **Narration pacing:** Read the script against the timeline before locking the VO session. -- **Music:** No music — keep it clean and technical. Consider a subtle 2s click sound at 0:03 (boot log) to anchor the start. -- **Highlights:** Use a yellow/amber ring `#E8A000` with 1s fade-in/out for callouts. -- **End card:** Centered, white text on dark background. 1080p canvas. diff --git a/marketing/demos/cloudflare-artifacts/README.md b/marketing/demos/cloudflare-artifacts/README.md deleted file mode 100644 index e0cd914b..00000000 --- a/marketing/demos/cloudflare-artifacts/README.md +++ /dev/null @@ -1,199 +0,0 @@ -# Cloudflare Artifacts — Working Demo - -> **PR:** #641 — Cloudflare Artifacts demo integration -> **What it ships:** `POST/GET /workspaces/:id/artifacts`, `POST /workspaces/:id/artifacts/fork`, `POST /workspaces/:id/artifacts/token` -> **Concept:** "Git for agents" — versioned workspace snapshot storage -> **Acceptance criteria:** working demo showing workspace snapshot to/from Cloudflare Artifacts + 1-min screencast - ---- - -## What This Demo Shows - -A workspace links to a Cloudflare Artifacts git repo. The agent can push snapshots (git commits) and later fork the repo to bootstrap a new workspace. This is versioned workspace state — like `git init` for agent memory. - -**The flow:** -1. Attach a CF Artifacts repo to a workspace (or import an existing Git repo) -2. Mint a short-lived git credential via the platform -3. Agent clones the repo, writes a snapshot, pushes -4. Fork the repo to bootstrap a new workspace - ---- - -## Prerequisites - -- Molecule AI platform with `CF_ARTIFACTS_API_TOKEN` and `CF_ARTIFACTS_NAMESPACE` set -- A running workspace with a bearer token -- `git` and `curl` on the caller machine - ---- - -## Working Demo Script - -### 1. Attach / create a CF Artifacts repo to a workspace - -```bash -# Admin token or workspace token -WORKSPACE_ID=ws-abc123 -PLATFORM=https://acme.moleculesai.app -TOKEN=your-workspace-or-admin-token - -# Create (or import) the repo -curl -s -X POST "$PLATFORM/workspaces/$WORKSPACE_ID/artifacts" \ - -H "Authorization: Bearer $TOKEN" \ - -H "Content-Type: application/json" \ - -d '{ - "name": "my-workspace-snapshots", - "description": "Versioned snapshots of workspace state" - }' | jq -``` - -Response (201): -```json -{ - "id": "art-uuid-456", - "workspace_id": "ws-abc123", - "cf_repo_name": "my-workspace-snapshots", - "cf_namespace": "my-namespace", - "remote_url": "https://hash.artifacts.cloudflare.net/git/my-workspace-snapshots.git", - "description": "Versioned snapshots of workspace state", - "created_at": "2026-04-20T12:00:00Z" -} -``` - -The repo was created in Cloudflare Artifacts and linked to the workspace. No separate CF dashboard login needed. - ---- - -### 2. Import an existing GitHub repo instead - -```bash -curl -s -X POST "$PLATFORM/workspaces/$WORKSPACE_ID/artifacts" \ - -H "Authorization: Bearer $TOKEN" \ - -H "Content-Type: application/json" \ - -d '{ - "name": "researcher-agent", - "description": "Researcher agent workspace", - "import_url": "https://github.com/myorg/researcher-agent.git", - "import_branch": "main", - "import_depth": 1 - }' | jq -``` - -The platform calls the CF Artifacts API to import the GitHub repo. The workspace now has a full git history of the agent's work. - ---- - -### 3. Mint a git credential - -```bash -curl -s -X POST "$PLATFORM/workspaces/$WORKSPACE_ID/artifacts/token" \ - -H "Authorization: Bearer $TOKEN" \ - -H "Content-Type: application/json" \ - -d '{"scope": "write", "ttl": 3600}' | jq -``` - -Response: -```json -{ - "token": "cf_at_xxxxx...xxxx", - "scope": "write", - "expires_at": "2026-04-20T13:00:00Z", - "clone_url": "https://x:cf_at_xxxxx...xxxx@artifacts.cloudflare.net/git/my-workspace-snapshots.git", - "message": "Save this token — it cannot be retrieved again." -} -``` - -The `clone_url` is the authenticated git remote. Use it directly: - -```bash -git clone https://x:cf_at_xxxxx@artifacts.cloudflare.net/git/my-workspace-snapshots.git -``` - -The token is scoped to this workspace's repo only. It expires in 1 hour (configurable up to 7 days). - ---- - -### 4. Clone, snapshot, push - -```bash -# Clone the workspace repo -git clone "https://x:cf_at_xxxxx@artifacts.cloudflare.net/git/my-workspace-snapshots.git" \ - /tmp/workspace-snapshots - -cd /tmp/workspace-snapshots - -# Agent writes a snapshot: memory dump, active task state, config -echo "current_task: researching competitor X" > snapshot.md -echo "uptime_seconds: 3600" >> snapshot.md -echo "memory_summary: analyzed 12 sources, 3 key findings" >> snapshot.md - -git add snapshot.md -git commit -m "snapshot: researching competitor X — 3 findings ready" -git push origin main -``` - -The workspace state is now in Cloudflare Artifacts — versioned, accessible to other workspaces, recoverable. - ---- - -### 5. Fork the repo for a new workspace - -```bash -# Researcher wants to start from the PM's workspace snapshot -curl -s -X POST "$PLATFORM/workspaces/ws-pm-123/artifacts/fork" \ - -H "Authorization: Bearer $TOKEN" \ - -H "Content-Type: application/json" \ - -d '{ - "name": "researcher-from-pm", - "description": "Forked from pm-agent workspace", - "default_branch_only": true - }' | jq -``` - -Response: -```json -{ - "fork": { - "name": "researcher-from-pm", - "namespace": "my-namespace", - "remote_url": "https://hash2.artifacts.cloudflare.net/git/researcher-from-pm.git" - }, - "object_count": 47, - "remote_url": "https://hash2.artifacts.cloudflare.net/git/researcher-from-pm.git" -} -``` - -The forked repo is a separate Cloudflare Artifacts repository with the full snapshot history. A new workspace can clone it and pick up where the PM left off. - ---- - -## Screencast Outline (1 min) - -**0:00–0:10** Canvas: a workspace is online. Terminal: `curl POST /workspaces/:id/artifacts` — repo created, response shows CF Artifacts remote URL. - -**0:10–0:25** Terminal: mint a git credential. `clone_url` shown in response. `git clone` runs, repo clones in <5s. - -**0:25–0:40** Agent writes a workspace snapshot to the repo. `echo` → `git add` → `git commit` → `git push`. Output shows the push succeeded. - -**0:40–0:55** Canvas: fork call. `POST /workspaces/:id/artifacts/fork` → new repo created in CF Artifacts. The new workspace ID is returned. - -**0:55–1:00** Narration: *"Every workspace can have its own git history. Snapshot state, version it, fork it into a new agent. Git for agents, built into the platform."* - ---- - -## TTS Narration Script (30s) - -> Cloudflare Artifacts turns your Molecule AI workspace into a versioned git repository. Attach a repo, mint a short-lived credential, and the agent can push snapshots — memory dumps, task state, config — and other agents can fork the history to bootstrap from the same point. No external git service configuration. No separate dashboard. The platform manages the credential lifecycle and the repo link. Versioned agent state, built into the platform. That's the first-mover advantage: Git for agents, from Molecule AI. - ---- - -## API Reference - -| Method | Path | What | -|---|---|---| -| `POST` | `/workspaces/:id/artifacts` | Attach/create CF Artifacts repo | -| `GET` | `/workspaces/:id/artifacts` | Get linked repo info | -| `POST` | `/workspaces/:id/artifacts/fork` | Fork repo to new workspace | -| `POST` | `/workspaces/:id/artifacts/token` | Mint short-lived git credential | - -**Source:** `workspace-server/internal/handlers/artifacts.go` (PR #641) \ No newline at end of file diff --git a/marketing/demos/cloudflare-artifacts/narration.mp3 b/marketing/demos/cloudflare-artifacts/narration.mp3 deleted file mode 100644 index 7b7fa3af..00000000 Binary files a/marketing/demos/cloudflare-artifacts/narration.mp3 and /dev/null differ diff --git a/marketing/demos/cloudflare-artifacts/storyboard.md b/marketing/demos/cloudflare-artifacts/storyboard.md deleted file mode 100644 index 6167ebda..00000000 --- a/marketing/demos/cloudflare-artifacts/storyboard.md +++ /dev/null @@ -1,201 +0,0 @@ -# Screencast Storyboard — Cloudflare Artifacts Integration - -> **PR:** #641 | **Feature:** `POST/GET /workspaces/:id/artifacts`, `/artifacts/fork`, `/artifacts/token` | **Duration:** 60 seconds -> **Format:** Terminal-led, clean dark theme - ---- - -## Pre-roll (0:00–0:04) - -**Canvas — full screen** -Single workspace card in Canvas: `data-agent [ONLINE]`. Status: `idle`. - -Narration (0:00–0:04): -> "This data-agent has been running for three hours. It has context, task state, memory. What happens when it disconnects?" - -**Camera:** Static Canvas frame. 3-second hold. No cursor. - ---- - -## Moment 1 — Attach a CF Artifacts repo (0:04–0:16) - -**Cut to:** Terminal window, dark theme. - -Prompt: `agent@data-agent:~$` - -```bash -WORKSPACE_ID="ws-data-agent-001" -PLATFORM="https://acme.moleculesai.app" -TOKEN="Bearer ws-token-xxx" - -curl -s -X POST "$PLATFORM/workspaces/$WORKSPACE_ID/artifacts" \ - -H "Authorization: $TOKEN" \ - -H "Content-Type: application/json" \ - -d '{ - "name": "data-agent-snapshots", - "description": "Versioned snapshots of data-agent workspace" - }' | jq -``` - -**Terminal output (JSON, formatted):** - -```json -{ - "id": "art-uuid-789", - "workspace_id": "ws-data-agent-001", - "cf_repo_name": "data-agent-snapshots", - "cf_namespace": "acme-production", - "remote_url": "https://hash.artifacts.cloudflare.net/git/data-agent-snapshots.git", - "created_at": "2026-04-21T00:00:10Z" -} -``` - -**Camera:** Cursor to `remote_url` field, highlight ring. Hold 1s. - -Narration (0:06–0:14): -> "One API call attaches a Cloudflare Artifacts git repo to the workspace. A remote URL is returned — no CF dashboard required." - -**Callout text (bottom-left):** -`Git for agents. No separate setup.` - ---- - -## Moment 2 — Mint a credential, clone the repo (0:16–0:28) - -**Terminal continues:** - -```bash -# Mint a short-lived git credential -TOKEN_RESP=$(curl -s -X POST "$PLATFORM/workspaces/$WORKSPACE_ID/artifacts/token" \ - -H "Authorization: $TOKEN" \ - -H "Content-Type: application/json" \ - -d '{"scope": "write", "ttl": 3600}') - -CLONE_URL=$(echo $TOKEN_RESP | jq -r '.clone_url') - -# Clone the workspace repo -git clone "$CLONE_URL" /tmp/data-agent-snapshots -``` - -**Terminal output:** - -``` -Cloning into '/tmp/data-agent-snapshots'... -remote: Enumerating objects: 12, done. -remote: Counting objects: 100% | (12/12), done. -Receiving objects: 100% | (12/12), 12.00 KiB, done. -``` - -**Camera:** Scroll through git clone output. Brief hold on `Receiving objects: 100%`. Clean finish. - -Narration (0:18–0:26): -> "A short-lived git credential is minted — valid for one hour. The agent clones the repo. Cloudflare Artifacts handles the git transport." - ---- - -## Moment 3 — Agent writes a snapshot (0:28–0:44) - -**Terminal continues:** - -```bash -cd /tmp/data-agent-snapshots - -# Agent writes its state to the repo -echo "# Workspace State — 2026-04-21" > snapshot.md -echo "current_task: analyzing sales pipeline Q1" >> snapshot.md -echo "data_sources_analyzed: 8" >> snapshot.md -echo "key_findings: [revenue-drop-may, churn-signal-3pc, upsell-opportunity]" >> snapshot.md -echo "uptime_seconds: 10800" >> snapshot.md -echo "last_status: COMPLETE" >> snapshot.md - -git add snapshot.md -git commit -m "snapshot: pipeline analysis complete — 3 key findings" -git push origin main -``` - -**Terminal output:** - -``` -[main abc1234] snapshot: pipeline analysis complete — 3 key findings - 1 file changed, 5 insertions(+) - Counting objects: 100% | (3/3), done. - Writing objects: 100% | (3/3), done. - remote: success -``` - -**Camera:** Full commit → push sequence. Hold on `remote: success`. Green checkmark indicator. - -Narration (0:30–0:40): -> "The agent writes a snapshot — current task, data sources, key findings — commits and pushes. The state is now in Cloudflare Artifacts. Versioned. Recoverable." - -**Callout text:** -`Versioned agent state — every push is a checkpoint.` - ---- - -## Moment 4 — Fork the repo for a new workspace (0:44–0:54) - -**Terminal:** - -```bash -# A new researcher workspace forks the data-agent's repo -curl -s -X POST "$PLATFORM/workspaces/$WORKSPACE_ID/artifacts/fork" \ - -H "Authorization: $TOKEN" \ - -H "Content-Type: application/json" \ - -d '{ - "name": "researcher-from-data-agent", - "description": "Forked from data-agent workspace", - "default_branch_only": true - }' | jq -``` - -**Terminal output:** - -```json -{ - "fork": { - "name": "researcher-from-data-agent", - "namespace": "acme-production", - "remote_url": "https://hash2.artifacts.cloudflare.net/git/researcher-from-data-agent.git" - }, - "object_count": 47, - "remote_url": "https://hash2.artifacts.cloudflare.net/git/researcher-from-data-agent.git" -} -``` - -**Camera:** Highlight the `remote_url` and `object_count` fields. Hold 2s. - -Narration (0:45–0:52): -> "Another agent forks the repo — a separate, isolated copy. 47 objects transferred. The new workspace can clone it and continue from the same point." - ---- - -## Close (0:54–1:00) - -**Terminal clean frame.** Cursor at prompt. - -Narration (0:54–0:58): -> "Every workspace can have its own git history. Snapshot state, version it, fork it into a new agent. Git for agents, built into the platform." - -**End card:** - -``` -Cloudflare Artifacts Integration -workspace-server/internal/handlers/artifacts.go — molecule-core#641 -``` - -**Fade to black.** - ---- - -## Production Notes - -- **Terminal theme:** Same as AGENTS.md storyboard — dark, SF Mono / JetBrains Mono 14pt. -- **Canvas cutaway (pre-roll + close):** Use dev canvas with one workspace in active state. Pre-record before the session. -- **Camera:** Screenflow / Camtasia. 1440×900 record → 1080p export. -- **Callout text:** Amber ring `#E8A000`, 1s fade-in/out, positioned bottom-left at 90% opacity on semi-transparent dark background. -- **Green success indicator:** On the `git push` moment, use a green ring pulse (`#22C55E`) for the `remote: success` line — 1.5s hold. -- **JSON jq output:** Use `jq` with a custom `.絹` (color) filter or `--monochrome-output` to keep it clean and readable in dark theme. -- **VO recording:** Match VO session with AGENTS.md storyboard — use the same voice talent and consistent pacing. -- **Music:** No music. Consider a subtle single-tone click at 0:04 (repo attached) and 0:54 (end card) for visual rhythm. -- **Speed:** The curl/git clone/push sequence should run at 2x playback in moments 1–4 for pacing. VO rides over the cuts. diff --git a/marketing/devrel/asset-inventory.md b/marketing/devrel/asset-inventory.md deleted file mode 100644 index 550a8834..00000000 --- a/marketing/devrel/asset-inventory.md +++ /dev/null @@ -1,178 +0,0 @@ -# Phase 30 Launch — DevRel Asset Inventory - -> **Cycle:** Marketing work cycle — offline asset tracking -> **Status:** Master list, update as content ships -> **Branch:** `content/blog/memory-backup-restore` (9 commits ahead of main; push blocked on GH_TOKEN) - -Use this as the source of truth for what DevRel has produced this cycle, what's pending review, what's staged, and what's blocked. - ---- - -## How to Read This Doc - -- **✅ LIVE** — published to docs site or social channels -- **🔍 REVIEW** — written, needs eyes from Marketing Lead / Doc Specialist / Support -- **📦 STAGED** — committed to `content/blog/memory-backup-restore`, ready to push -- **🔒 BLOCKED** — requires action (GH_TOKEN refresh, design team screenshot, PMM asset) - ---- - -## Blog Posts - -| File | Status | Owner | Needs | -|---|---|---|---| -| `docs/blog/2026-04-20-remote-workspaces/index.md` | 📦 STAGED | DevRel | Marketing Lead final read | -| `docs/blog/2026-04-20-chrome-devtools-mcp/index.md` | 📦 STAGED | DevRel | Technical accuracy check | -| `docs/blog/2026-04-20-container-vs-remote/index.md` | 📦 STAGED | DevRel | Marketing Lead voice review | -| `docs/blog/2026-04-20-secure-by-design/index.md` | 📦 STAGED | DevRel | Security Lead accuracy review | -| `docs/blog/2026-04-17-deploy-anywhere/index.md` | ✅ pre-existing | — | — | - ---- - -## Docs & Guides - -| File | Status | Owner | Needs | -|---|---|---|---| -| `docs/guides/remote-workspaces.md` | 📦 STAGED | DevRel | Doc Specialist final review | -| `docs/guides/same-origin-canvas-fetches.md` | 📦 STAGED | DevRel | Security Lead sign-off on `/cp/*` allowlist section | -| `docs/guides/remote-workspaces-faq.md` | 📦 STAGED | DevRel | Marketing Lead (voice), Doc Specialist (technical), Support (troubleshooting) | -| `docs/marketing/seo/keywords.md` | 🔍 REVIEW | SEO Analyst | SEO Analyst to surface and publish | - ---- - -## Marketing / Social Copy - -| File | Status | Owner | Needs | -|---|---|---|---| -| `marketing/devrel/phase30-social-copy.md` | 📦 STAGED | DevRel | PMM or CM to schedule posts (X all 4 versions, LinkedIn) | -| `marketing/devrel/chrome-devtools-mcp-social-copy.md` | 📦 STAGED | DevRel | CM to schedule alongside blog post | -| `marketing/copy/phase30-landing-copy.md` | 📦 STAGED | DevRel | Marketing Lead brand voice review | - ---- - -## Demos — Working Demos + Screencasts - -### Demo 1: AGENTS.md Auto-Generation (#1172, PR #763) - -| Asset | Status | Notes | -|---|---|---| -| `marketing/demos/agents-md-auto-generation/README.md` | 📦 STAGED | 4 scenario working demo + 1-min screencast outline + TTS script | -| `marketing/demos/agents-md-auto-generation/storyboard.md` | 📦 STAGED | Full production storyboard (camera, VO pacing, highlights, 4 moments) | -| `marketing/demos/agents-md-auto-generation/narration.mp3` | 📦 STAGED | 30s TTS (en-US-AriaNeural) | -| Repo link | 📦 STAGED | `workspace/agents_md.py` on `molecule-core` main | -| **GitHub issue comment** | 🔒 BLOCKED | `comment-1172.json` staged; `post-issue-comments.sh` ready; GH_TOKEN must refresh | -| ASSET: Canvas screenshot (pm-agent + researcher) | 🔒 BLOCKED | Design team needs live canvas + ngrok access | - -### Demo 2: Cloudflare Artifacts (#1173, PR #641) - -| Asset | Status | Notes | -|---|---|---| -| `marketing/demos/cloudflare-artifacts/README.md` | 📦 STAGED | 5 scenario working demo + 1-min screencast outline + TTS script | -| `marketing/demos/cloudflare-artifacts/storyboard.md` | 📦 STAGED | Full production storyboard (camera, VO pacing, green success pulse, 4 moments) | -| `marketing/demos/cloudflare-artifacts/narration.mp3` | 📦 STAGED | 30s TTS (en-US-AriaNeural) | -| Repo link | 📦 STAGED | `workspace-server/internal/handlers/artifacts.go` on `molecule-core` main | -| **GitHub issue comment** | 🔒 BLOCKED | `comment-1173.json` staged; GH_TOKEN must refresh | - ---- - -## Audio / Video Assets - -| File | Duration | Voice | Status | Needs | -|---|---|---|---|---| -| `marketing/audio/phase30-announce.mp3` | ~30s | en-US-AriaNeural | 📦 STAGED | CM to pair with social copy | -| `marketing/audio/phase30-video-vo.mp3` | ~67–75s | en-US-AriaNeural | 📦 STAGED | Video Editor to lock against timeline | -| `marketing/audio/phase30-video-vo-mandarin.mp3` | ~70s | zh-CN-XiaoxiaoNeural | 📦 STAGED | PMM to confirm authoritative script | -| `marketing/audio/chrome-devtools-mcp-summary.mp3` | ~77s | en-US-AriaNeural (+30%) | 📦 STAGED | Slightly over 65–75s target; trim 2s if needed | -| `marketing/audio/quickstart-audio.mp3` | ~67–75s | en-US-AriaNeural | 📦 STAGED | CM to pair with quickstart guide | -| `marketing/audio/phase30-video-vo-mandarin-script.txt` | 188 chars | — | 📦 STAGED | PMM to confirm path + authoritative script | - ---- - -## Visual Assets - -| File | Status | Notes | -|---|---|---| -| `marketing/assets/phase30-fleet-diagram.png` | 📦 STAGED | 126KB matplotlib; dark navy, purple REMOTE, blue platform; design notes in `phase30-fleet-diagram-notes.txt` | -| ASSET: Canvas screenshot (remote badge) | 🔒 BLOCKED | Design team needs live canvas + ngrok | -| ASSET: `phase30-canvas-remote-badge.png` | 🔒 BLOCKED | Same blocker as above | - ---- - -## Launch Execution - -| File | Status | Notes | -|---|---|---| -| `marketing/drip/post-push-checklist.md` | 📦 STAGED | 6-phase sequencing: push → PR → docs → social → email → verify | -| `marketing/drip/phase30-email-drip.md` | 📦 STAGED | 3-email CRM sequence (Day 1/3–4/7) with placeholders | -| `marketing/community/hacker-news-launch.md` | 📦 STAGED | HN guide, 3 title options, post body template, comment responses | -| `marketing/community/community-announcements.md` | 📦 STAGED | Discord + Slack + Reddit copy, channel-by-channel | - -## Sales Enablement - -| File | Status | Notes | -|---|---|---| -| `marketing/sales/phase30-sales-enablement.md` | 📦 STAGED | 4 competitive battlecards, 5 objection handlers, 3-min demo script | -| `marketing/sales/phase30-one-pager.md` | 📦 STAGED | 1-page PDF-ready asset with feature table, pricing, quick-start | - ---- - -## Scripts & Helpers - -| File | Status | Notes | -|---|---|---| -| `marketing/demos/post-issue-comments.sh` | 📦 STAGED | curl-based helper to post comments to #1172 + #1173 once GH_TOKEN refreshes | -| `comment-1172.json` | 📦 STAGED | Raw JSON body for #1172 comment | -| `comment-1173.json` | 📦 STAGED | Raw JSON body for #1173 comment | - ---- - -## Pending Actions by Owner - -### DevRel (this workspace) -- [ ] None currently — all deliverables committed - -### Marketing Lead -- [ ] Review `docs/guides/remote-workspaces-faq.md` — voice + technical accuracy -- [ ] Review `marketing/copy/phase30-landing-copy.md` — brand voice -- [ ] Review `docs/blog/2026-04-20-remote-workspaces/index.md` — final read before publish -- [ ] Post `phase30-social-copy.md` — schedule X posts (all 4 versions) + LinkedIn post -- [ ] Post `chrome-devtools-mcp-social-copy.md` — schedule alongside blog post -- [ ] Schedule 3-email drip sequence after blog post is live -- [ ] Submit or assign Hacker News post (see `hacker-news-launch.md`) - -### Community Manager -- [ ] Schedule social copy posts (see Marketing Lead row) -- [ ] Post community announcements per `community-announcements.md` - -### Video Editor -- [ ] Begin Phase 30 video assembly per `phase30-video-production.md` - -### Sales / Solutions Engineering -- [ ] Review `phase30-sales-enablement.md` — customize talk tracks to seller voice -- [ ] Review `phase30-one-pager.md` — replace link placeholders before distributing - -### PMM -- [ ] Confirm authoritative path for `marketing/social/phase30-launch-plan.md` (currently confirmed missing from internal repo) -- [ ] Confirm `phase30-video-vo-mandarin-script.txt` is the right script (188-char DevRel-authored placeholder) -- [ ] Supply canvas screenshot (`phase30-canvas-remote-badge.png`) using live canvas + ngrok - -### Design Team -- [ ] Capture canvas screenshot showing REMOTE badge on workspace card -- [ ] Refine `phase30-fleet-diagram.png` per `phase30-fleet-diagram-notes.txt` design checklist - -### SEO Analyst -- [ ] Surface and publish `docs/marketing/seo/keywords.md` - -### Support -- [ ] Review troubleshooting section of `docs/guides/remote-workspaces-faq.md` - -### Security Lead -- [ ] Review `/cp/*` allowlist section in `docs/guides/same-origin-canvas-fetches.md` -- [ ] Review `docs/blog/2026-04-20-secure-by-design/index.md` - -### CEO / Token Owner -- [ ] **CRITICAL:** Refresh `GH_TOKEN` — all pushes and issue comments are blocked until this is done - ---- - -*Maintained by DevRel. Update status columns as content ships or blockers clear.* diff --git a/marketing/devrel/campaigns/discord-adapter-launch/assets/discord-adapter-hero.png b/marketing/devrel/campaigns/discord-adapter-launch/assets/discord-adapter-hero.png deleted file mode 100644 index b4d3fbf8..00000000 Binary files a/marketing/devrel/campaigns/discord-adapter-launch/assets/discord-adapter-hero.png and /dev/null differ diff --git a/marketing/devrel/campaigns/discord-adapter-launch/assets/discord-community-signal-flow.png b/marketing/devrel/campaigns/discord-adapter-launch/assets/discord-community-signal-flow.png deleted file mode 100644 index baa331ed..00000000 Binary files a/marketing/devrel/campaigns/discord-adapter-launch/assets/discord-community-signal-flow.png and /dev/null differ diff --git a/marketing/devrel/campaigns/discord-adapter-launch/assets/discord-molecule-logo-combo.png b/marketing/devrel/campaigns/discord-adapter-launch/assets/discord-molecule-logo-combo.png deleted file mode 100644 index 9a7eec0f..00000000 Binary files a/marketing/devrel/campaigns/discord-adapter-launch/assets/discord-molecule-logo-combo.png and /dev/null differ diff --git a/marketing/devrel/campaigns/discord-adapter-launch/assets/discord-slack-command-mockup.png b/marketing/devrel/campaigns/discord-adapter-launch/assets/discord-slack-command-mockup.png deleted file mode 100644 index 860a5966..00000000 Binary files a/marketing/devrel/campaigns/discord-adapter-launch/assets/discord-slack-command-mockup.png and /dev/null differ diff --git a/marketing/devrel/campaigns/phase30-remote-workspaces/assets/canvas-fleet-mockup.png b/marketing/devrel/campaigns/phase30-remote-workspaces/assets/canvas-fleet-mockup.png deleted file mode 100644 index 3a2e668a..00000000 Binary files a/marketing/devrel/campaigns/phase30-remote-workspaces/assets/canvas-fleet-mockup.png and /dev/null differ diff --git a/marketing/devrel/campaigns/phase30-remote-workspaces/assets/token-lifecycle-card.png b/marketing/devrel/campaigns/phase30-remote-workspaces/assets/token-lifecycle-card.png deleted file mode 100644 index 3094a46a..00000000 Binary files a/marketing/devrel/campaigns/phase30-remote-workspaces/assets/token-lifecycle-card.png and /dev/null differ diff --git a/marketing/devrel/chrome-devtools-mcp-social-copy.md b/marketing/devrel/chrome-devtools-mcp-social-copy.md deleted file mode 100644 index f0d4e282..00000000 --- a/marketing/devrel/chrome-devtools-mcp-social-copy.md +++ /dev/null @@ -1,76 +0,0 @@ -# Chrome DevTools MCP — Social Copy - -Short-form content for X and LinkedIn accompanying the Chrome DevTools MCP governance blog post. - ---- - -## X (140–280 chars) - -### Version A — Governance angle -``` -Chrome DevTools MCP gives agents full browser control. Screenshot, DOM, JS execution — all through a standard interface. - -Raw CDP is all-or-nothing. Molecule AI adds the governance layer: which agents get access, what they can do, how to revoke it. - -Audit trail included. -``` - -### Version B — Production use cases -``` -Three things you couldn't automate before Chrome DevTools MCP + Molecule AI governance: - -1. Lighthouse CI/CD audits — agent opens Chrome, runs Lighthouse, posts score to PR -2. Visual regression testing — screenshot diffs across agent workflow runs -3. Authenticated session scraping — agent behind a login with managed cookies - -All with org API key audit trail. -``` - -### Version C — Problem framing -``` -Chrome DevTools MCP: browser automation as a first-class MCP tool. - -For prototypes: great. For production: you need something between no browser and full admin. That's the gap Molecule AI's MCP governance fills. -``` - ---- - -## LinkedIn (100–200 words) - -``` -Chrome DevTools MCP shipped in early 2026 — and browser automation is now a standard tool for any compatible AI agent. - -Screenshot. DOM inspection. Network interception. JavaScript execution. No custom wrappers, no browser-driver installation. - -That's the prototype story. For production — especially anything touching customer-facing workflows or authenticated sessions — all-or-nothing CDP access is a governance gap. - -Molecule AI's MCP governance layer answers the production questions: - -- Which agents can open a browser? -- What can they do with it? -- How do you revoke access? -- When something goes wrong, who accessed what session data? - -Real-world use cases the layer enables: automated Lighthouse performance audits in CI/CD, screenshot-based visual regression testing, and authenticated session scraping — agents operating behind a login with cookies managed through the platform's secrets system. - -Every action is logged. Every browser operation is attributed to an org API key and workspace ID. - -Chrome DevTools MCP plus Molecule AI's governance layer: browser automation that meets production standards. -``` - ---- - -## Image suggestions - -| Post | Image | -|---|---| -| X Version A | Fleet diagram: `marketing/assets/phase30-fleet-diagram.png` (reusable) | -| X Version B | Custom: 3-item checklist graphic — "Lighthouse / Regression / Auth Scraping" | -| X Version C | Quote card: "something between no browser and full admin" | -| LinkedIn | Quote card or the checklist graphic | - ---- - -## Hashtags - -`#MCP` `#BrowserAutomation` `#AIAgents` `#MoleculeAI` `#DevOps` `#QA` `#CI/CD` \ No newline at end of file diff --git a/marketing/devrel/demos/screencasts/storyboard-agents-md-auto-generation.md b/marketing/devrel/demos/screencasts/storyboard-agents-md-auto-generation.md deleted file mode 100644 index 08cb3df4..00000000 --- a/marketing/devrel/demos/screencasts/storyboard-agents-md-auto-generation.md +++ /dev/null @@ -1,143 +0,0 @@ -# Screencast Storyboard — AGENTS.md Auto-Generation -**PR:** #763 | **Feature:** `workspace/agents_md.py` | **Duration:** 60 seconds -**Format:** Terminal-led with Canvas overlay cuts - ---- - -## Pre-roll (0:00–0:03) - -**Canvas — full screen** -Two workspace cards in Canvas: `pm-agent [ONLINE]` and `researcher [IDLE]`. - -Narration (0:00–0:03): -> "Two agents. The PM coordinates. The researcher does the work. They need to talk to each other — without humans in the loop." - -**Camera:** Static Canvas view. No cursor movement. Clean frame. - ---- - -## Moment 1 — PM boots, AGENTS.md generated (0:03–0:12) - -**Cut to:** Terminal window, terminal prompt: `agent@pm-workspace:~$` - -```bash -INFO main: Starting workspace pm-agent -INFO agents_md: Generating AGENTS.md for workspace 'pm-agent' -INFO agents_md: Generated AGENTS.md at /workspace/AGENTS.md -INFO a2a: A2A server listening on :8000 -INFO main: Workspace 'pm-agent' online -``` - -**Camera:** Type-in animation. Cursor blinks. Text appears line by line (playback speed 2x). - -Narration (0:06–0:12): -> "When the PM workspace starts up, AGENTS.md is generated automatically — from the config file, not a human." - -**Highlight:** `INFO agents_md: Generated AGENTS.md at /workspace/AGENTS.md` — brief yellow highlight ring (1s). - ---- - -## Moment 2 — Researcher reads PM's AGENTS.md (0:12–0:25) - -**Cut to:** Second terminal tab. Prompt: `agent@researcher:~$` - -```python -import requests -resp = requests.get( - "https://acme.moleculesai.app/workspaces/ws-pm-123/files/AGENTS.md", - headers={"Authorization": "Bearer researcher-token-xxx"}, -) -print(resp.json()["content"]) -``` - -**Terminal output:** -```markdown -# pm-agent -**Role:** Project Manager -## Description -PM agent — coordinates tasks, dispatches to reports, manages timeline. -## A2A Endpoint -http://pm-workspace:8000/a2a -## MCP Tools -- delegate_to_workspace -- check_delegation_status -``` - -**Camera:** Scroll to full file. Hold 2s. - -Narration (0:14–0:22): -> "The researcher reads the PM's AGENTS.md — through the platform API. Instantly knows the PM's role, its A2A endpoint, and the tools it has." - -**Callout text (bottom-left):** -`No system prompts. No documentation lookup. Just the facts.` - ---- - -## Moment 3 — Researcher dispatches A2A task (0:25–0:42) - -```python -from a2a import A2ATask -task = A2ATask( - to="http://pm-workspace:8000/a2a", - type="status_report", - payload={ - "milestone": "data-pipeline", - "status": "complete", - "artifacts": ["dataset-v3.parquet"], - } -) -result = task.send() -print(result) -``` - -**Terminal output:** -```json -{"task_id": "task-abc-456", "status": "queued", "pm_receipt": "2026-04-21T00:00:22Z"} -``` - -Narration (0:27–0:35): -> "Now the researcher has everything it needs. It sends an A2A task to the PM — using the endpoint it discovered from AGENTS.md. No hardcoded addresses." - ---- - -## Moment 4 — PM receives task (0:42–0:52) - -**Cut to:** Canvas — pm-agent card. - -New message bubble: `researcher: Status report — data-pipeline complete. 1 artifact ready.` -Status: `pm-agent [ACTIVE]`, `researcher [DISPATCHED]` - -Narration (0:42–0:48): -> "The PM receives it in Canvas. Status updated. The coordination happened without human input — AAIF in action." - ---- - -## Close (0:52–1:00) - -**Canvas full frame.** Both cards visible. - -Narration (0:52–0:58): -> "AGENTS.md means every agent knows what its peers can do — without reading system prompts. Auto-generated. Always current. That's the AAIF standard, from Molecule AI." - -**End card:** -``` -AGENTS.md Auto-Generation -workspace/agents_md.py — molecule-core#763 -``` -**Fade to black.** - ---- - -## Production Spec - -| Spec | Value | -|------|-------| -| Terminal theme | Dark, SF Mono 14pt / JetBrains Mono 13pt | -| Canvas cutaway | Dev canvas localhost:3000, pre-record before session | -| Camera | Screenflow / Camtasia, 1440×900 → 1080p export | -| VO voice | en-US-AriaNeural (reference) | -| Callout highlight | Amber ring `#E8A000`, 1s fade-in/out | -| Green success | Green ring `#22C55E` for success moments | -| Music | None — clean and technical | -| Sound FX | Subtle 2s click at 0:03 (boot log) | -| VO pacing | Read script against timeline before locking VO session | diff --git a/marketing/devrel/demos/screencasts/storyboard-cloudflare-artifacts.md b/marketing/devrel/demos/screencasts/storyboard-cloudflare-artifacts.md deleted file mode 100644 index 7dcada12..00000000 --- a/marketing/devrel/demos/screencasts/storyboard-cloudflare-artifacts.md +++ /dev/null @@ -1,164 +0,0 @@ -# Screencast Storyboard — Cloudflare Artifacts Integration -**PR:** #641 | **Feature:** `POST/GET /workspaces/:id/artifacts`, `/artifacts/fork`, `/artifacts/token` -**Duration:** 60 seconds | **Format:** Terminal-led, clean dark theme - ---- - -## Pre-roll (0:00–0:04) - -**Canvas — full screen** -Single workspace card: `data-agent [ONLINE]`, status: `idle`. - -Narration (0:00–0:04): -> "This data-agent has been running for three hours. It has context, task state, memory. What happens when it disconnects?" - -**Camera:** Static Canvas frame. 3-second hold. No cursor. - ---- - -## Moment 1 — Attach a CF Artifacts repo (0:04–0:16) - -**Terminal:** `agent@data-agent:~$` - -```bash -WORKSPACE_ID="ws-data-agent-001" -PLATFORM="https://acme.moleculesai.app" -TOKEN="Bearer ws-token-xxx" - -curl -s -X POST "$PLATFORM/workspaces/$WORKSPACE_ID/artifacts" \ - -H "Authorization: $TOKEN" \ - -H "Content-Type: application/json" \ - -d '{"name": "data-agent-snapshots", "description": "Versioned snapshots of data-agent workspace"}' \ - | jq -``` - -**Terminal output:** -```json -{ - "id": "art-uuid-789", - "workspace_id": "ws-data-agent-001", - "cf_repo_name": "data-agent-snapshots", - "remote_url": "https://hash.artifacts.cloudflare.net/git/data-agent-snapshots.git", - "created_at": "2026-04-21T00:00:10Z" -} -``` - -**Camera:** Cursor to `remote_url`, highlight ring. Hold 1s. - -Narration (0:06–0:14): -> "One API call attaches a Cloudflare Artifacts git repo to the workspace. A remote URL is returned — no CF dashboard required." - -**Callout text (bottom-left):** -`Git for agents. No separate setup.` - ---- - -## Moment 2 — Mint a credential, clone the repo (0:16–0:28) - -```bash -TOKEN_RESP=$(curl -s -X POST "$PLATFORM/workspaces/$WORKSPACE_ID/artifacts/token" \ - -H "Authorization: $TOKEN" -H "Content-Type: application/json" \ - -d '{"scope": "write", "ttl": 3600}') - -CLONE_URL=$(echo $TOKEN_RESP | jq -r '.clone_url') -git clone "$CLONE_URL" /tmp/data-agent-snapshots -``` - -**Terminal output:** -``` -Cloning into '/tmp/data-agent-snapshots'... -Receiving objects: 100% | (12/12), 12.00 KiB, done. -``` - -**Camera:** Scroll through git clone output. Hold on `Receiving objects: 100%`. - -Narration (0:18–0:26): -> "A short-lived git credential is minted — valid for one hour. The agent clones the repo. Cloudflare Artifacts handles the git transport." - ---- - -## Moment 3 — Agent writes a snapshot (0:28–0:44) - -```bash -cd /tmp/data-agent-snapshots -echo "# Workspace State — 2026-04-21" > snapshot.md -echo "current_task: analyzing sales pipeline Q1" >> snapshot.md -echo "uptime_seconds: 10800" >> snapshot.md -echo "last_status: COMPLETE" >> snapshot.md -git add snapshot.md -git commit -m "snapshot: pipeline analysis complete — 3 key findings" -git push origin main -``` - -**Terminal output:** -``` -[main abc1234] snapshot: pipeline analysis complete — 3 key findings - 1 file changed, 5 insertions(+) - remote: success -``` - -**Camera:** Full commit → push. Hold on `remote: success`. **Green ring pulse `#22C55E`**. - -Narration (0:30–0:40): -> "The agent writes a snapshot — current task, data sources, key findings — commits and pushes. The state is now in Cloudflare Artifacts. Versioned. Recoverable." - -**Callout text:** -`Versioned agent state — every push is a checkpoint.` - ---- - -## Moment 4 — Fork the repo for a new workspace (0:44–0:54) - -```bash -curl -s -X POST "$PLATFORM/workspaces/$WORKSPACE_ID/artifacts/fork" \ - -H "Authorization: $TOKEN" -H "Content-Type: application/json" \ - -d '{"name": "researcher-from-data-agent", "description": "Forked from data-agent workspace", "default_branch_only": true}' \ - | jq -``` - -**Terminal output:** -```json -{ - "fork": {"name": "researcher-from-data-agent", "namespace": "acme-production", "remote_url": "..."}, - "object_count": 47, - "remote_url": "https://hash2.artifacts.cloudflare.net/git/researcher-from-data-agent.git" -} -``` - -**Camera:** Highlight `remote_url` and `object_count`. Hold 2s. - -Narration (0:45–0:52): -> "Another agent forks the repo — a separate, isolated copy. 47 objects transferred. The new workspace can clone it and continue from the same point." - ---- - -## Close (0:54–1:00) - -**Terminal clean frame.** Cursor at prompt. - -Narration (0:54–0:58): -> "Every workspace can have its own git history. Snapshot state, version it, fork it into a new agent. Git for agents, built into the platform." - -**End card:** -``` -Cloudflare Artifacts Integration -workspace-server/internal/handlers/artifacts.go — molecule-core#641 -``` -**Fade to black.** - ---- - -## Production Spec - -| Spec | Value | -|------|-------| -| Terminal theme | Same as AGENTS.md storyboard — dark, SF Mono 14pt / JetBrains Mono 13pt | -| Canvas cutaway | Dev canvas localhost:3000, pre-record before session | -| Camera | Screenflow / Camtasia, 1440×900 → 1080p export | -| JSON output | `jq --monochrome-output` or custom monochrome filter for dark theme | -| Callout highlight | Amber ring `#E8A000`, 1s fade-in/out | -| Green success | Green ring `#22C55E` on `remote: success` line, 1.5s hold | -| VO voice | Match AGENTS.md storyboard — same voice talent, consistent pacing | -| Music | None | -| Sound FX | Subtle single-tone click at 0:04 (repo attached) and 0:54 (end card) | -| Playback speed | curl/git/push sequence at 2x during Moments 1–4 | diff --git a/marketing/devrel/demos/screencasts/storyboard-memory-inspector-panel.md b/marketing/devrel/demos/screencasts/storyboard-memory-inspector-panel.md deleted file mode 100644 index 50253a95..00000000 --- a/marketing/devrel/demos/screencasts/storyboard-memory-inspector-panel.md +++ /dev/null @@ -1,142 +0,0 @@ -# Screencast Storyboard — MemoryInspectorPanel -**Feature:** `canvas/src/components/MemoryInspectorPanel.tsx` -**Duration:** 60 seconds | **Format:** Canvas UI-led, dark zinc theme - ---- - -## Pre-roll (0:00–0:04) - -**Canvas — workspace panel open** -Sidebar showing `pm-agent [ONLINE]`. User clicks into the Memory tab. - -Narration (0:00–0:04): -> "Every agent accumulates knowledge over time — facts, decisions, context. Molecule AI's memory inspector gives you a first-class view of what your agent knows." - -**Camera:** Static Canvas panel. Clean frame. No cursor movement in first 3s. - ---- - -## Moment 1 — Memory list loads (0:04–0:14) - -**Panel populated:** -Three memory entry cards visible: -- `user-preferences:v3` — blue badge "Similarity: 92%" — "2h ago" -- `project-context:v1` — "4h ago" -- `latest-decision:v5` — "1d ago" - -Each card shows: key (blue mono), version counter, similarity badge (if query active), relative timestamp, expand arrow. - -**Camera:** Smooth scroll through the list. Hold 2s on the first entry. - -Narration (0:05–0:12): -> "The inspector loads all memory entries — keys, versions, freshness. When semantic search is active, it shows a similarity score — how closely each entry matches your query." - -**Callout text (bottom-left):** -`Semantic search. Meaning, not just keywords.` - ---- - -## Moment 2 — Semantic search (0:14–0:26) - -User types in the search bar: `customer pricing` - -**Camera:** Cursor moves to search input. Type-in animation. - -Search bar shows: "Semantic search…" placeholder, debounce spinner (300ms), then results update. - -List re-sorts: -- `user-preferences:v3` — blue badge "Similarity: 87%" (moved to top) -- `latest-decision:v5` — "Similarity: 34%" (new position) -- `project-context:v1` — "Similarity: 12%" (bottom) - -**Camera:** Smooth scroll showing re-sorted results. - -Narration (0:16–0:23): -> "Type a query. After 300 milliseconds — no submit button — the list re-sorts by semantic similarity. Entries below 50% fade to a lower contrast. The agent found what it knows about pricing decisions." - -**Callout text:** -`300ms debounce. No submit. No page reload.` - ---- - -## Moment 3 — Expand + Edit a memory entry (0:26–0:44) - -User clicks `user-preferences:v3`. - -**Camera:** Entry expands. Card opens downward. - -**Expanded content shown:** -```json -{ - "preferred_tier": "enterprise", - "pricing_sensitivity": "high", - "last_interaction": "2026-04-18", - "notes": "Requested SSO before trial" -} -``` - -Metadata below: "Updated: 2026-04-20 14:32:11", Edit button, Delete button. - -User clicks **Edit**. - -**Camera:** Textarea appears, pre-filled with JSON. Cursor blinks. - -User edits: changes `"pricing_sensitivity": "high"` → `"medium"`. - -User clicks **Save**. - -**Camera:** Blue "Saving…" spinner (1s). Then: textarea closes, entry collapses, entry updates in list — `user-preferences:v4` (version increment shown). - -Narration (0:28–0:40): -> "Click any entry. See the full JSON — every fact the agent stored. Edit directly in the panel. Save — it's versioned, timestamped, persisted. No API calls to remember." - -**Callout text:** -`Version conflict detection. Optimistic updates. Never lose a write.` - ---- - -## Moment 4 — Delete entry (0:44–0:54) - -User clicks the red Delete button on `project-context:v1`. - -**Delete confirmation dialog appears:** -`Delete key "project-context"? This cannot be undone.` - -User clicks **Delete**. - -**Camera:** Dialog closes. Entry animates out. List collapses. Count decrements: "2 entries" shown in toolbar. - -Narration (0:46–0:52): -> "Delete with confirmation. Entries are removed from the memory store immediately. Canvas updates in real time." - ---- - -## Close (0:54–1:00) - -**Panel clean frame.** Two entries remaining. - -Narration (0:54–0:58): -> "The memory inspector — semantic search, in-line editing, version history, and full delete. Everything your agent knows, visible and editable." - -**End card:** -``` -MemoryInspectorPanel -canvas/src/components/MemoryInspectorPanel.tsx -``` -**Fade to black.** - ---- - -## Production Spec - -| Spec | Value | -|------|-------| -| Theme | Dark zinc, blue accents (`#3B82F6`), SF Mono 11-14pt | -| Canvas | Dev canvas localhost:3000, pre-record workspace with 3+ memory entries | -| Camera | Screenflow / Camtasia, 1440×900 → 1080p export | -| Type-in animation | Realistic cursor blink, natural typing speed | -| Dialog | Center modal with red "Delete" button | -| Callout highlight | Amber ring `#E8A000`, 1s fade-in/out | -| VO voice | en-US-AriaNeural (consistent with other storyboards) | -| Music | None | -| Speed | Moment 1 at 2x playback for log-scroll effect | diff --git a/marketing/devrel/demos/screencasts/storyboard-snapshot-secret-scrubber.md b/marketing/devrel/demos/screencasts/storyboard-snapshot-secret-scrubber.md deleted file mode 100644 index e4f03066..00000000 --- a/marketing/devrel/demos/screencasts/storyboard-snapshot-secret-scrubber.md +++ /dev/null @@ -1,204 +0,0 @@ -# Screencast Storyboard — Snapshot Secret Scrubber -**PR:** #977 | **Feature:** `workspace/lib/snapshot_scrub.py` -**Duration:** 60 seconds | **Format:** Terminal-led + browser overlay, dark theme - ---- - -## Pre-roll (0:00–0:04) - -**Terminal — dark theme** -Prompt: `agent@pm-workspace:~$` - -Narration (0:00–0:04): -> "Every agent workspace can hibernate — preserving its memory state to disk. But what if that snapshot contains secrets? That's where the scrubber comes in." - -**Camera:** Static terminal frame. 3-second hold. No cursor. - ---- - -## Moment 1 — Before: raw memory snapshot with secrets (0:04–0:18) - -**Terminal:** -```bash -# Simulate a raw memory entry before scrubbing -python3 - << 'EOF' -from snapshot_scrub import scrub_snapshot - -raw_snapshot = { - "workspace_id": "ws-pm-001", - "memories": [ - { - "key": "api_config", - "content": "ANTHROPIC_API_KEY=sk-ant-abcd1234wxyz5678", - "updated_at": "2026-04-20T10:00:00Z" - }, - { - "key": "user_context", - "content": "User asked about enterprise pricing.", - "updated_at": "2026-04-20T10:01:00Z" - }, - { - "key": "sandbox_output", - "content": "[sandbox_output] Running: pip install requests\nOutput: success", - "updated_at": "2026-04-20T10:02:00Z" - } - ] -} - -print(scrub_snapshot(raw_snapshot)) -EOF -``` - -**Terminal output (raw, BEFORE scrub):** -```json -{ - "workspace_id": "ws-pm-001", - "memories": [ - {"key": "api_config", "content": "ANTHROPIC_API_KEY=sk-ant-abcd1234wxyz5678"}, - {"key": "user_context", "content": "User asked about enterprise pricing."}, - {"key": "sandbox_output", "content": "[sandbox_output] Running: pip install..."} - ] -} -``` - -**Camera:** Highlight the raw ANTHROPIC_API_KEY and sandbox output lines — red underline. Hold 2s. - -Narration (0:06–0:16): -> "A raw snapshot before scrubbing. The agent stored an API key in memory. It also ran code — and the sandbox output is in there too. Both are about to go to disk when this workspace hibernates." - -**Callout text (bottom-left):** -`Before scrubbing: API keys, Bearer tokens, sandbox output — all on disk.` - ---- - -## Moment 2 — Scrubber runs (0:18–0:32) - -**Terminal — same session:** -The python script runs. - -**Terminal output (AFTER scrub):** -```json -{ - "workspace_id": "ws-pm-001", - "memories": [ - { - "key": "api_config", - "content": "[REDACTED:API_KEY]" - }, - { - "key": "user_context", - "content": "User asked about enterprise pricing." - } - ] -} -``` - -**Camera:** The output appears line by line. Watch: -1. `"api_config"` entry — content replaced with `[REDACTED:API_KEY]` -2. `"sandbox_output"` entry — **absent entirely** (excluded, not scrubbed) -3. `"user_context"` — passes through unchanged - -Green checkmark on the `user_context` line. - -Narration (0:20–0:28): -> "The scrubber runs — before the snapshot reaches disk. API keys become `[REDACTED:API_KEY]`. Sandbox output is excluded entirely — it's not scrubbed, it's dropped. The agent's actual knowledge passes through unchanged." - -**Callout text:** -`API key → [REDACTED:API_KEY]. Sandbox output → excluded entirely. Everything else → passes through.` - ---- - -## Moment 3 — Pattern coverage (0:32–0:44) - -**Terminal:** -```bash -python3 - << 'EOF' -from snapshot_scrub import scrub_content - -test_cases = [ - ("OPENAI_API_KEY=sk-proj-123456abcdef", "env-var"), - ("Bearer eyJhbGciOiJIUzI1NiJ9", "Bearer token"), - ("sk-ant-abcd1234wxyz5678", "Anthropic key"), - ("ghp_abc123def456ghi789jkl012mno", "GitHub PAT"), - ("AKIAIOSFODNN7EXAMPLE", "AWS key"), - ("YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnp4eXpBQ0N", "high-entropy base64"), - ("Everything looks fine", "clean content"), -] - -for text, label in test_cases: - result = scrub_content(text) - print(f"{label:20s} → {result}") -EOF -``` - -**Terminal output:** -``` -env-var → [REDACTED:API_KEY] -Bearer token → [REDACTED:BEARER_TOKEN] -Anthropic key → [REDACTED:SK_TOKEN] -GitHub PAT → [REDACTED:GITHUB_PAT] -AWS key → [REDACTED:AWS_ACCESS_KEY] -high-entropy base64 → [REDACTED:BASE64_BLOB] -clean content → Everything looks fine -``` - -**Camera:** Scroll through all 7 patterns. Hold 2s on the clean content line — no redaction. - -Narration (0:34–0:42): -> "The scrubber catches seven secret patterns — API keys, Bearer tokens, GitHub PATs, AWS keys, Cloudflare tokens, high-entropy blobs. Clean content passes through unaltered." - ---- - -## Moment 4 — Real-world scenario (0:44–0:54) - -**Cut to:** Browser — Molecule AI canvas. Workspace `pm-agent` shows `[HIBERNATING]`. - -**Terminal:** -```bash -# Workspace hibernating — scrubber runs automatically -curl -s -X POST "$PLATFORM/workspaces/ws-pm-001/hibernate" \ - -H "Authorization: Bearer $AGENT_TOKEN" -``` - -**Terminal output:** -``` -{"status": "hibernating", "snapshot_id": "snap-xyz-789", "scrubbed": true} -``` - -**Camera:** Focus on `"scrubbed": true`. Green highlight ring `#22C55E`. Hold 1.5s. - -Narration (0:46–0:52): -> "When the workspace hibernates, the scrubber runs automatically — before the snapshot touches disk. The result is marked `scrubbed: true`. Admins can trust that snapshots are safe." - ---- - -## Close (0:54–1:00) - -**Terminal clean frame.** Cursor at prompt. - -Narration (0:54–0:58): -> "Snapshot secret scrubber — API keys, Bearer tokens, sandbox output, all handled before hibernate. Molecule AI writes only what should be written." - -**End card:** -``` -Snapshot Secret Scrubber -workspace/lib/snapshot_scrub.py — molecule-core#977 -``` -**Fade to black.** - ---- - -## Production Spec - -| Spec | Value | -|------|-------| -| Terminal theme | Dark, SF Mono 14pt / JetBrains Mono 13pt | -| Camera | Screenflow / Camtasia, 1440×900 → 1080p export | -| JSON output | `jq --monochrome-output` | -| Callout highlight | Amber ring `#E8A000`, 1s fade-in/out | -| Red alert | Red underline `#EF4444` on raw secret lines in Moment 1 | -| Green success | Green ring `#22C55E` on `"scrubbed": true` in Moment 4 | -| VO voice | en-US-AriaNeural (consistent across all 4 storyboards) | -| Music | None | -| Playback speed | Moments 1–3 at 2x for terminal typing effect | -| Type-in animation | Realistic cursor blink | diff --git a/marketing/devrel/phase30-demo-spec.md b/marketing/devrel/phase30-demo-spec.md deleted file mode 100644 index 3964b085..00000000 --- a/marketing/devrel/phase30-demo-spec.md +++ /dev/null @@ -1,428 +0,0 @@ -# Phase 30 Demo Spec — Remote Workspaces & Cross-Network Federation -> For: DevRel + Marketing | Status: DRAFT | Phase 30 GA target -> -> **Issue:** attaches to [`Molecule-AI/internal#2`](https://github.com/Molecule-AI/internal/issues/2) -> — `devrel: remote agent fleet demo for Phase 30` -> -> **Technical reference:** [`docs/guides/external-agent-registration.md`](https://github.com/Molecule-AI/molecule-core/blob/main/docs/guides/external-agent-registration.md) -> — full endpoint reference used throughout this spec. -> -> **Social launch plan:** `marketing/social/phase30-launch-plan.md` (PMM-owned) — Section 5 TTS script -> is the authoritative source for `phase30-video-vo.mp3`. - ---- - -## 1. Demo Scenario - -**Title:** *"Your Agent. Your Laptop. On the Canvas."* - -**Premise:** A developer runs a Python agent on their laptop, connected to the internet, registering to a Molecule AI org running on a cloud platform. A parent PM agent on the canvas dispatches a research task. The remote agent receives it via A2A, processes it, and returns the result — all visible in real time on the canvas. - -**Audience:** Indie developers evaluating Molecule AI, enterprise teams evaluating multi-cloud agent deployment. - -**Duration:** 8–10 minutes live, 3 minutes narrated. - ---- - -### Full Walkthrough (Live Demo Steps) - -**Setup (done before recording, shown as screenshots):** - -1. Dev has a Molecule AI platform running at `https://acme.moleculesai.app` -2. Canvas shows a PM workspace ("pm-agent") already online -3. Dev's laptop is on a different network — no shared Docker network, no VPN - -**On screen (live or narrated):** - -``` -DEVELOPER LAPTOP MOLECULE AI PLATFORM - | | - | 1. POST /workspaces | - | {"name":"researcher", | - | "runtime":"external", | - | "url":"https://laptop:5000"} | - | ─────────────────────────────────────────► | - | ←─ 201 {"id":"ws-abc123", ...} | - | | - | 2. POST /registry/register | - | {id:"ws-abc123", url:"...", | - | agent_card:{name:"researcher", | - | skills:["research","web-search"]}} | - | ─────────────────────────────────────────► | - | ←─ 200 {"status":"registered", | - | "auth_token":"mol_..."} ← SAVE | - | | - | 3. GET /workspaces/ws-abc123/secrets/values | - | Authorization: Bearer mol_... | - | ─────────────────────────────────────────► | - | ←─ 200 {"OPENAI_API_KEY":"sk-..."} | - | | - | 4. POST /registry/heartbeat every 30s | - | Authorization: Bearer mol_... | - | ─────────────────────────────────────────► | - | Canvas shows: researcher = ONLINE (REMOTE)| - | | - | 5. PM agent dispatches task via A2A | - | Canvas My Chat → "Research competitor X" | - | ─────────────────────────────────────────► | - | Platform proxies → POST laptop:5000/a2a | - | ←─ 200 {"result":{"message":{...}}} | - | | - | 6. Researcher result shown in Canvas | - | Researcher chat tab shows full reply | -``` - ---- - -## 2. Minimum Viable Demo (Under 10 Minutes) - -**What to prep before the demo:** -- Running platform (self-hosted or SaaS beta) -- `pip install requests` on laptop -- `ghcr.io/molecule-ai/workspace-template` image available (for platform side) -- ngrok or Cloudflare Tunnel running on laptop: `ngrok http 5000` -- Write down the `WORKSPACE_ID` and `PLATFORM_URL` - -**Script for the MVP (5 minutes live):** - -```bash -# STEP 1 — Create the workspace (platform side, admin token) -PLATFORM=https://acme.moleculesai.app -ADMIN_TOKEN=mol_admin_... -WORKSPACE_NAME=researcher - -WORKSPACE_RESP=$(curl -s -X POST $PLATFORM/workspaces \ - -H "Authorization: Bearer $ADMIN_TOKEN" \ - -H "Content-Type: application/json" \ - -d "{\"name\":\"$WORKSPACE_NAME\",\"runtime\":\"external\",\"tier\":2}") -echo $WORKSPACE_RESP | jq - -WORKSPACE_ID=$(echo $WORKSPACE_RESP | jq -r '.id') - -# STEP 2 — Seed a secret so pull_secrets has something to show -curl -s -X POST $PLATFORM/workspaces/$WORKSPACE_ID/secrets \ - -H "Authorization: Bearer $ADMIN_TOKEN" \ - -H "Content-Type: application/json" \ - -d '{"key":"MODEL_NAME","value":"gpt-4o"}' - -# STEP 3 — On laptop: run the remote-agent demo -# (uses RemoteAgentClient from molecule-sdk-python) -export WORKSPACE_ID=$WORKSPACE_ID -export PLATFORM_URL=$PLATFORM -export MAX_ITERATIONS=20 - -python3 run.py - -# STEP 4 — Show canvas: workspace appears as REMOTE badge -# Canvas → researcher node → Online → Chat tab -``` - -**What to narrate at each step:** -1. "This workspace was created with `runtime: external` — no Docker provisioning happens. The platform just registers the row and waits for the agent to call home." -2. "The auth token was returned once, at registration. It's saved to disk. Every subsequent call — secrets, heartbeat, A2A — is authenticated with it." -3. "The agent pulls its API keys from the platform. No env vars baked into the container. Rotate the secret in the UI, the agent picks it up on next pull." -4. "Canvas shows a purple REMOTE badge. Same status, same chat, same terminal access as any Docker workspace — the deployment location is invisible to the rest of the org." -5. "The PM dispatches a task. The platform proxies it to the laptop's endpoint. No Docker bridge, no shared network — it works because the agent registered its URL and keeps a heartbeat alive." - ---- - -## 3. Screencast Outline (5 Key Moments) - -### Moment 1: Platform empty state → PM workspace online (0:00–0:20) -**What to show:** Canvas with a PM workspace (already set up as org template). Brief zoom on the node — status, role, chat tab. The org is a skeleton at this point: one PM, no reports. - -**Narration:** *"Molecule AI runs a PM agent on a cloud platform. The team is small — one PM, one canvas, everything in one place. Now let's add a researcher running on a laptop across the internet."* - ---- - -### Moment 2: ngrok tunnel + workspace creation (0:20–1:00) -**What to show:** Terminal on laptop. `ngrok http 5000` running. `curl` creating the external workspace. Workspace ID copied. - -**Narration:** *"The agent creates a workspace row with `runtime: external`. No Docker involved — the platform just records the identity and waits for it to call home."* - -**Visual:** Highlight `runtime: "external"` in the curl command. - ---- - -### Moment 3: Registration + token cache (1:00–1:45) -**What to show:** `python3 run.py` starting. Registration log line. Token saved to `~/.molecule//.auth_token`. Secrets pulled. Heartbeat loop starting. - -**Narration:** *"The SDK registers with the platform, receives a 256-bit auth token, and caches it to disk. That token is the agent's identity — it's how the platform knows this is the researcher workspace, not an imposter. The agent then pulls its secrets — API keys, model names — without any baked-in environment variables. And it starts its heartbeat loop, every 30 seconds."* - -**Visual:** Show `~/.molecule/` directory with token file. Show the secret keys returned. - ---- - -### Moment 4: Canvas update — REMOTE badge appears (1:45–2:15) -**What to show:** Canvas, live refresh. Researcher node appears under PM. Purple REMOTE badge. Status: online. Current task: "remote-agent demo idle". Ping the activity panel to show heartbeat activity. - -**Narration:** *"Back on the canvas — the researcher is online. Purple badge means it's remote — not a Docker container on this platform. Same status indicator as any other workspace. Same chat tab. The platform doesn't care where it's running."* - -**Visual:** Circle the REMOTE badge. Show the heartbeat tick in the activity log. - ---- - -### Moment 5: Task dispatch and result (2:15–3:00) -**What to show:** PM's My Chat input: "Research Anthropic's latest model release and summarize in 3 bullet points." Send. Canvas shows "current task: researching" on researcher node. Researcher replies. Result appears in PM's chat. - -**Narration:** *"The PM dispatches a task. The platform routes it to the laptop — same A2A protocol used for every agent call, regardless of where the target runs. The laptop processes it, returns the result, and it appears in the PM's chat. No special configuration on either side — the platform's A2A proxy handles the routing."* - -**Visual:** A2A JSON-RPC payload shown briefly in researcher terminal. Canvas showing result. - ---- - -## 3b. Visual Assets Required (from PMM social launch plan) - -These assets are produced by the design team. The screencast and guide reference them at the moments noted. - -### ASSET 1 — Canvas screenshot: REMOTE badge visible alongside Docker agents - -**Description:** Screenshot of the Molecule AI canvas showing a mixed fleet: one Docker-provisioned workspace (e.g. "pm-agent", standard runtime pill) and one remote workspace (e.g. "researcher", purple REMOTE badge) visible simultaneously. Both should show status "online". - -**When it's used:** Moment 4 of the screencast — the payoff shot. Also used as the hero image in the `docs/guides/remote-workspaces.md` guide. - -**Capture instructions:** -1. Spin up a Docker workspace on the platform (use the `claude-code-default` template) -2. Spin up a remote workspace (see Section 2 — run `python3 run.py` on laptop with ngrok) -3. Arrange both nodes visible on canvas at the same time -4. Screenshot at ~1440px wide; include the side panel closed so the canvas is unobstructed -5. Crop to show the org topology clearly; do not crop out the REMOTE badge on the researcher node - -**File:** `marketing/assets/phase30-canvas-remote-badge.png` - ---- - -### ASSET 2 — Fleet diagram: AWS / GCP / on-prem → A2A proxy → single canvas - -**Description:** Clean infrastructure diagram showing three remote agent nodes (AWS, GCP, on-premises datacenter) each running an agent on their own infrastructure. Each agent connects via HTTPS to the Molecule AI platform's A2A proxy. The platform connects via WebSocket to a single canvas browser. All agents appear as workspaces on the same canvas, side by side. - -**Style:** Molecule AI brand — dark background (#0A0E1A or similar), consistent iconography, thin connector lines, no heavy borders. Same visual language as the architecture diagrams in `docs/architecture/architecture.md`. - -**Include labels:** -- Each agent node: runtime label (e.g. "Claude Code / laptop", "LangGraph / AWS EC2", "CrewAI / on-prem") -- A2A proxy: `POST /workspaces/:id/a2a` (label on the connector) -- WebSocket fanout: labeled `WS fanout` between platform and canvas -- Canvas: single browser icon with "One canvas. All agents." - -**When it's used:** Guide hero image (`docs/guides/remote-workspaces.md`), Phase 30 blog post hero, social card. - -**File:** `marketing/assets/phase30-fleet-diagram.png` - ---- - -### ASSET 3 (Optional) — 10-second GIF: registration → canvas → A2A message flow - -**Description:** Short looping animated GIF showing the end-to-end flow in real time: -1. Terminal: `python3 run.py` starts, logs scroll -2. Canvas: researcher node fades in under PM with REMOTE badge -3. Canvas chat: PM types a task, hits send -4. Terminal: A2A JSON-RPC `message/send` received, response returned -5. Canvas: researcher's reply appears in PM chat - -**Duration:** ~10 seconds, looping. No audio. Time labels optional. - -**When it's used:** Social media embed (X, LinkedIn), landing page. Lower priority than ASSET 1 and 2. - -**Capture instructions:** Record with `byzanz-record` or similar on Linux; ScreenFlow or LICEcap on macOS. Export as GIF at 10fps, max 2 MB. - -**File:** `marketing/assets/phase30-registration-flow.gif` - ---- - -### Asset summary table - -| Asset | File | Priority | Used in | -|---|---|---|---| -| Canvas screenshot (REMOTE badge) | `marketing/assets/phase30-canvas-remote-badge.png` | **Required** | Screencast Moment 4, guide hero | -| Fleet diagram (AWS/GCP/on-prem) | `marketing/assets/phase30-fleet-diagram.png` | **Required** | Guide hero, blog post, social card | -| Registration flow GIF | `marketing/assets/phase30-registration-flow.gif` | Optional | Social embed | - ---- - -## 4. docs/guides/remote-workspaces.md — Draft Intro + Prerequisites - -```markdown -# Remote Workspaces — Run Agents Anywhere, Govern From One Platform - -> Phase 30: agents running outside the platform's Docker network can now join -> your Molecule AI org, appear on the canvas, receive A2A tasks from parent -> agents, and report status — all with the same auth, lifecycle, and -> observability as containerized workspaces. - -**Phase 30 GA:** 2026-04-20 | PRs: #1075–#1083, #1085–#1100 - ---- - -## What Problem This Solves - -Most agent platforms assume all agents run in the same environment as the -control plane. Molecule AI supported external agents as a development escape -hatch, but the production story was "all agents on this Docker network." - -Phase 30 changes that. Your org can now include agents running on: - -- A developer's laptop across the internet -- A server in a different cloud region -- An on-premises machine behind a NAT -- A third-party SaaS bot with an HTTP endpoint - -From the canvas and from other agents, they're indistinguishable from -containerized workspaces. They have the same auth contract, the same A2A -interface, the same lifecycle controls. Where they run is a deployment -detail — not an architectural constraint. - ---- - -## Prerequisites - -| Requirement | Details | -|---|---| -| **Platform** | Molecule AI platform running v0.30+ (`go run ./cmd/server` from `workspace-server/` or the current `main` image) | -| **Admin access** | An `ADMIN_TOKEN` or org API key with permission to create workspaces | -| **Python ≥ 3.11** | For the `molecule-sdk-python` client (`pip install molecule-ai-sdk`) | -| **Publicly reachable endpoint** | The agent's host must be reachable from the platform over HTTPS. If behind NAT, use [ngrok](https://ngrok.com) or [Cloudflare Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/). | -| **Network** | Outbound HTTPS from the agent to the platform; inbound HTTPS from the platform to the agent's A2A endpoint | - -### SDK Installation - -```bash -pip install molecule-ai-sdk -``` - -Or from the repo checkout: - -```bash -pip install -e sdk/python/ -``` - -The SDK includes `RemoteAgentClient` — a dependency-light Python client (only `requests`) that wraps all Phase 30 endpoints. - ---- - -## Architecture at a Glance - -``` -Laptop (remote agent) Molecule AI Platform - │ │ - │ POST /workspaces │ - │ POST /registry/register ────────────► │ ← admin token (one-time) - │ ←─ auth_token (256-bit) ◄────────── │ ← shown once, saved to disk - │ │ - │ GET /workspaces/:id/secrets/values │ ← bearer: auth_token - │ POST /registry/heartbeat (30s loop) │ - │ GET /workspaces/:id/state (30s loop)│ - │ │ - │ ◄── A2A task dispatch ────────────── │ ← platform → laptop (HTTPS) - │ ──► A2A response ──────────────────► │ ← laptop → platform - │ │ -Canvas (any browser) ◄── WebSocket ─────► Platform - │ fanout - │ - └─── sees: researcher [ONLINE] [REMOTE] badge -``` - -**Key properties:** -- The agent **pulls** its secrets at boot (not baked into the container at provision time) -- Liveness is maintained by **heartbeat + state polling** (no WebSocket required from the agent side) -- The platform **proxies A2A calls** to the agent's registered URL — no inbound firewall rules on the platform -- The auth token is **workspace-scoped**: a leaked token can't impersonate another workspace - ---- - -## Quick Start - -```bash -# 1. Create the workspace (admin side) -WORKSPACE=$(curl -s -X POST https://acme.moleculesai.app/workspaces \ - -H "Authorization: Bearer $ADMIN_TOKEN" \ - -H "Content-Type: application/json" \ - -d '{"name":"researcher","runtime":"external","tier":2}') -WORKSPACE_ID=$(echo $WORKSPACE | jq -r '.id') - -# 2. Run the agent (any machine that can reach the platform) -pip install molecule-ai-sdk - -python3 - <<'EOF' -from molecule_agent import RemoteAgentClient -import os, logging - -client = RemoteAgentClient( - workspace_id = os.environ["WORKSPACE_ID"], - platform_url = os.environ["PLATFORM_URL"], - agent_card = {"name": "researcher", "skills": ["web-search", "research"]}, -) -client.register() # Phase 30.1 — get + cache token -secrets = client.pull_secrets() # Phase 30.2 — decrypt API keys -print("Secrets:", list(secrets.keys())) - -# Keep alive + respond to platform commands -client.run_heartbeat_loop( - task_supplier = lambda: { - "current_task": "idle", - "active_tasks": 0, - } -) -EOF -``` - -The agent appears on the canvas with a **purple REMOTE badge** within seconds. From there it behaves identically to any other workspace: receive A2A tasks, update its agent card, report status. - ---- - -## What Phase 30 Covers - -| Phase | What shipped | Endpoint | -|---|---|---| -| 30.1 | Workspace auth tokens | `POST /registry/register`, `POST /registry/heartbeat` | -| 30.2 | Token-gated secrets pull | `GET /workspaces/:id/secrets/values` | -| 30.3 | Plugin tarball download (remote install) | `GET /plugins/:name/download` | -| 30.4 | Workspace state polling (no WebSocket needed) | `GET /workspaces/:id/state` | -| 30.5 | A2A proxy enforces caller token | `POST /workspaces/:id/a2a` | -| 30.6 | Sibling discovery + URL caching | `GET /registry/:id/peers` | -| 30.7 | Poll-liveness for external runtime | Redis TTL (90s timeout) | -| 30.8 | Remote-agent SDK + docs | `molecule-sdk-python` | - ---- - -## Next Steps - -- **[External Agent Registration Guide →](/docs/guides/external-agent-registration)** — full endpoint reference, Python + Node.js examples, troubleshooting -- **[molecule-sdk-python →](https://github.com/Molecule-AI/molecule-sdk-python)** — SDK source, `RemoteAgentClient` API docs -- **[SDK Examples →](https://github.com/Molecule-AI/molecule-sdk-python/tree/main/examples/remote-agent)** — `run.py` demo script, annotated walkthrough -``` - ---- - -## 5. TTS Voiceover Script — Phase 30 Announcement - -**Output:** `marketing/audio/phase30-announce.mp3` -**Output (social cut):** `marketing/audio/phase30-video-vo.mp3` -**Duration:** ~22 seconds for announcement cut; ~30 seconds for video VO cut -**Voice:** Neutral professional (en-US-AriaNeural via edge-tts) -**Source:** `marketing/social/phase30-launch-plan.md` Section 5 (PMM-authored); this spec includes the same script for reference. - -> **Note:** If `marketing/social/phase30-launch-plan.md` is updated with a revised PMM script, this section should be updated to match. The authoritative source is the PMM's social launch plan. - -**Script — read verbatim:** - ---- - ---- - -> Molecule AI ships Phase 30 today — Remote Workspaces is generally available. -> -> Starting now, any agent can run anywhere: your laptop, a different cloud, an edge device, a third-party endpoint. It registers with your Molecule org, appears on the canvas with a remote badge, receives tasks from parent agents, and reports status — just like an agent running in Docker. -> -> The auth contract is the same. The A2A protocol is the same. The canvas experience is the same. The only difference is where the agent's process lives. -> -> Here's what Phase 30 delivers. Workspace auth tokens so every remote agent has a cryptographic identity. A secrets pull endpoint so API keys are managed centrally, not baked into container images. A state polling interface so agents can stay alive without a WebSocket connection. And an SDK — Python, dependency-light, just requests — that wraps all of it. -> -> To onboard a remote agent: create a workspace with runtime external, point it at your platform URL, and run the SDK. Within seconds it shows up on the canvas, purple badge and all. -> -> Phase 30 turns Molecule AI from a self-hosted tool into an enterprise agent fleet platform. Agents run anywhere. Governance stays in one place. -> -> Learn more at moleculesai dot A I, and check the docs for the quick start guide. - ---- - -*Script word count: 253 words → ~60 seconds at 140 WPM delivery pace.* diff --git a/marketing/devrel/phase30-social-copy.md b/marketing/devrel/phase30-social-copy.md deleted file mode 100644 index bced1edb..00000000 --- a/marketing/devrel/phase30-social-copy.md +++ /dev/null @@ -1,96 +0,0 @@ -# Phase 30 — Short-Form Social Copy - -X / LinkedIn posts for the Phase 30 Remote Workspaces GA launch. -Variations A–D: different angles (technical, product, developer, enterprise). -Post all four or select the best fit per channel. - ---- - -## X (140–280 chars) - -### Version A — Technical -``` -Phase 30 ships: Molecule AI remote workspaces are GA. - -Agents running on your laptop, AWS, GCP, or on-prem now register to the same org as your Docker agents. Same A2A. Same auth. Same canvas. - -Remote badge. That's the only difference. -→ docs: https://moleculesai.app/docs/guides/remote-workspaces -``` - -### Version B — Product -``` -Your laptop is now a valid Molecule AI runtime. - -One org. Mixed fleet: Docker agents on the platform, remote agents wherever your infrastructure lives. One canvas. One audit trail. - -Phase 30 is live. -``` - -### Version C — Developer -``` -How to run a Molecule AI agent on your laptop in 3 steps: - -1. Create a workspace (runtime: external) -2. Run the Python SDK -3. Watch it appear on the canvas - -That's it. Phase 30 is live. -docs → https://moleculesai.app/docs/guides/remote-workspaces -``` - -### Version D — Enterprise -``` -Multi-cloud AI agent fleets, single governance plane. - -Phase 30: agents on AWS, GCP, on-prem, your laptop — all visible in one canvas, all governed by the same platform auth, all auditable. - -GA today. -``` - ---- - -## LinkedIn (150–300 words) - -### Post — Enterprise / Platform angle - -``` -We're launching Phase 30: Remote Workspaces. - -Most AI agent platforms assume all agents run in the same environment as the control plane. Molecule AI didn't — but until today, that's where the story ended. - -Phase 30 changes that. Your agent can now run anywhere: - -- On a developer's laptop, for local iteration and debugging -- On AWS or GCP, for production workloads in your cloud -- On an on-premises server, for enterprise environments with data residency requirements -- On a third-party endpoint, for existing SaaS integrations - -And from the canvas, you can't tell the difference. Same workspace card. Same status. Same chat tab. Same audit trail. The only visible signal: a purple REMOTE badge. - -The governance is the same. The A2A protocol is the same. The auth contract is the same. Where the agent runs is a deployment detail — not an architectural constraint. - -Phase 30 is generally available today. - -See the quick start → [link] -Read the guide → [link] -``` - ---- - -## Image suggestions per post - -| Post | Best image | -|---|---| -| X Version A (Technical) | Fleet diagram: `marketing/assets/phase30-fleet-diagram.png` | -| X Version B (Product) | Canvas screenshot: `marketing/assets/phase30-canvas-remote-badge.png` (once captured) | -| X Version C (Developer) | Terminal screenshot: `python3 run.py` + canvas showing REMOTE badge | -| X Version D (Enterprise) | Fleet diagram (same as A) | -| LinkedIn | Fleet diagram OR canvas screenshot | - ---- - -## Hashtag suggestions - -`#MoleculeAI` `#RemoteWorkspaces` `#AIAgents` `#AgentFleet` `#AIPlatform` -`#MCP` `#A2AProtocol` `#MultiCloud` diff --git a/marketing/devrel/phase30-video-production.md b/marketing/devrel/phase30-video-production.md deleted file mode 100644 index 7b8895ca..00000000 --- a/marketing/devrel/phase30-video-production.md +++ /dev/null @@ -1,114 +0,0 @@ -# Phase 30 Launch Video — Video Editor Production Package - -> **For:** Video Editor | **Cycle:** Marketing work cycle -> **Status:** Ready for production -> **Branch:** `content/blog/memory-backup-restore` (10 commits; push blocked on GH_TOKEN) - -This doc tells the video editor how to assemble the Phase 30 launch video from existing DevRel assets. All source files are in the repo. No new recording needed. - ---- - -## Assembled Video: "Agents That Run Where You Need Them" - -**Target length:** 60–90 seconds -**Purpose:** Hero launch video for docs site, social, and email campaign -**Tone:** Clean, confident, technical-but-accessible. Not salesy. Show, then tell. - ---- - -## Video Structure (3 Acts) - -### Act 1 — The Fleet (0:00–0:20) - -**Visual:** `phase30-fleet-diagram.png` — the matplotlib diagram we already generated. -Dark navy background, purple REMOTE workspace boxes, blue platform, green canvas. -**Animation suggestion:** Fade in platform first (0:00–0:03), then platform connections draw in (0:03–0:08), then REMOTE boxes slide in from right edge (0:08–0:15), then canvas at bottom fades in (0:15–0:20). Total build: ~20s. - -**VO:** `phase30-video-vo.mp3` plays over the full sequence (67–75s). Use the script at `marketing/audio/phase30-video-vo-script.txt` as the narration lock. - -**Narration start (approx 0:00–0:20 passage):** -> "Most AI agent platforms assume all agents run inside the platform. Molecule AI didn't." - ---- - -### Act 2 — The Detail (0:20–0:50) - -**Visual:** A split or sequence showing: -1. Terminal window — `python3 run.py` + agent registration output (show the `INFO workspace: registered` log line) -2. Canvas — workspace card with REMOTE badge in purple -3. Same card, active — A2A message incoming - -**How to capture these:** -- Use the dev canvas at `localhost:3000` with a remote workspace in active state -- Record the registration log output from a terminal running the Python SDK -- Cut between the three frames at 0:20 / 0:35 / 0:45 marks - -**VO continues:** Middle section of `phase30-video-vo.mp3`. The narration covers the mixed-fleet story (see script). - ---- - -### Act 3 — The Close (0:50–0:75) - -**Visual:** Return to the fleet diagram — fully built, all connections lit. -**Animation:** A gentle pulse along one A2A connection line (simulate a task dispatch). - -**VO:** Final passage of `phase30-video-vo.mp3`: -> "Phase 30. Remote Workspaces. Your agents. Your infrastructure. One canvas." - -**End card:** Molecule AI logo + "Phase 30 — Now GA" + link: `moleculesai.app/docs/guides/remote-workspaces` -**Duration:** 2s hold, 1s fade to black. - ---- - -## Asset Checklist - -| Asset | Location | Status | Notes | -|---|---|---|---| -| Fleet diagram (PNG) | `marketing/assets/phase30-fleet-diagram.png` | ✅ Ready | 126KB, dark navy. Use for Act 1 + Act 3 return. | -| VO track (EN) | `marketing/audio/phase30-video-vo.mp3` | ✅ Ready | 67–75s, en-US-AriaNeural. Lock against timeline. | -| VO track (ZH) | `marketing/audio/phase30-video-vo-mandarin.mp3` | ✅ Ready | ~70s, zh-CN-XiaoxiaoNeural. For Mandarin cut. | -| VO script (EN) | `marketing/audio/phase30-video-vo-script.txt` | ✅ Ready | Reference for timing and lock-points. | -| VO script (ZH) | `marketing/audio/phase30-video-vo-mandarin-script.txt` | ✅ Ready | 188-char Mandarin. | -| Phase 30 blog post | `docs/blog/2026-04-20-remote-workspaces/index.md` | 📦 STAGED | Link in end card. | -| Quickstart guide | `docs/guides/remote-workspaces.md` | 📦 STAGED | Secondary link in end card. | -| Announcement audio | `marketing/audio/phase30-announce.mp3` | 📦 STAGED | 30s. Use for social cut-down (0:00–0:30 of X clip). | - ---- - -## Specs for Editor - -- **Format:** 1080p H.264, 30fps (social) / 24fps (docs site) -- **Aspect ratios needed:** 16:9 (docs site + YouTube), 9:16 (X/TikTok Reel), 1:1 (LinkedIn) -- **Music:** No music in primary cut. Consider a light ambient bed (60–75bpm, non-melodic) for the 9:16 social cut only — keep VO clean in primary cut. -- **Color grade:** Match fleet diagram's dark navy + purple palette. Avoid blowing out the canvas screenshots — keep them readable against dark background. -- **Captions:** Burn in captions for the VO (for muted playback on social). Use `en-US-AriaNeural` timing from `phase30-video-vo-script.txt` for sync. -- **Muting:** Primary cut (docs site) can run without captions if VO is present. Social cut (X) must have captions burned in — most users watch muted. - ---- - -## Alt Cuts - -### Short Announcement (30s) — X/TikTok Reel -**Source assets:** `phase30-announce.mp3` (30s VO) + fleet diagram + REMOTE badge screenshot -**Structure:** Fleet diagram build (0:00–0:15) → REMOTE badge screenshot (0:15–0:20) → End card (0:20–0:30) -**Use for:** X timeline, TikTok, Instagram Reels - -### Mandarin Cut (60–75s) -**Source assets:** `phase30-video-vo-mandarin.mp3` + same visuals as primary cut -**VO script:** `phase30-video-vo-mandarin-script.txt` (188 chars) -**Use for:** WeChat, Chinese-language social channels, LinkedIn (zh-CN audience) - ---- - -## Review Checklist (before publishing) - -- [ ] VO is locked and plays cleanly over fleet diagram build -- [ ] REMOTE badge is visible in the canvas cutaways -- [ ] End card links are correct (live URLs, not localhost) -- [ ] Captions are synced for muted playback -- [ ] Alt cuts export cleanly at correct aspect ratios -- [ ] Blog post `docs/blog/2026-04-20-remote-workspaces/index.md` is published before the video goes live (avoid broken link in end card) - ---- - -*Source files: repo at `content/blog/memory-backup-restore`. All assets committed. Push pending on GH_TOKEN refresh — video editor can begin assembly now using staged files.* diff --git a/marketing/devrel/roadmap-brief.md b/marketing/devrel/roadmap-brief.md deleted file mode 100644 index ea5c082a..00000000 --- a/marketing/devrel/roadmap-brief.md +++ /dev/null @@ -1,139 +0,0 @@ -# Phase 30 + Roadmap Context Brief — DevRel - -> **Sourced from:** `Molecule-AI/internal` — `PLAN.md` (via GitHub API, read-only token) -> **Purpose:** Keep DevRel aligned with roadmap so content and demos anticipate what's coming - ---- - -## Phase 30: Remote Workspaces — What's Shipped - -Phase 30 shipped 8 sub-features (30.1–30.8), all GA as of 2026-04-20: - -| Sub-feature | What it does | -|---|---| -| 30.1 Workspace auth tokens | 256-bit bearer tokens, minted at registration. Prevents spoofing. | -| 30.2 Secrets pull endpoint | `GET /workspaces/:id/secrets/values` — gated by auth token | -| 30.3 Plugin tarball download | `GET /plugins/:name/download` — remote agent plugin install | -| 30.4 Workspace state polling | `GET /workspaces/:id/state` — fallback for agents behind NAT | -| 30.5 A2A proxy token validation | Mutual auth on `POST /workspaces/:id/a2a` | -| 30.6 Sibling discovery + URL caching | `GET /registry/{parent_id}/peers`, cache sibling URLs | -| 30.7 Poll-liveness for external runtime | 90s offline threshold, behind `REMOTE_LIVENESS_POLLING_ENABLED` | -| 30.8 Remote-agent SDK + docs | `sdk/python/examples/remote-agent/`, Python thin client | - -**Out of scope for Phase 30:** -- Mutual TLS from agent → platform (deferred) -- Agent-to-agent mesh across NATs (needs relay — deferred to Phase 31) -- Platform-managed persistent state for remote agents - ---- - -## Phase 31 — Quality + Infra Pass — SHIPPED 2026-04-13 - -Completed in PRs #1–#8: -- Brand migration (Molecule → Molecule AI) -- Repo structural cleanup -- MCP per-domain split (1697 → 89 lines, 87 tools) -- Canvas dialog unification -- Platform handler decomposition (+47 Go tests, coverage 56.1% → 57.6%) -- Env-var documentation (all 21 vars now documented) -- E2E hardening + CI (`test_api.sh` 62/62, `test_comprehensive_e2e.sh` 67/67) - ---- - -## Phase 32 — Cloud SaaS Launch (2026-Q2/Q3) — IN PROGRESS - -**Goal:** Ship Molecule AI as a multi-tenant cloud SaaS (not just self-hosted per-customer). - -**Live infrastructure (as of 2026-04-15):** -- Control plane: `https://molecule-cp.fly.dev` -- Tenant app: `molecule-tenant` (Fly) -- Database: **Neon** serverless Postgres (branch-per-org) -- Cache: **Upstash** Redis -- Auth: **WorkOS AuthKit** (`/cp/auth/{signup,login,callback,signout,me}`) -- Billing: Stripe scaffold deployed (no live keys yet — pending Stripe Atlas) -- Registry: `registry.fly.io/molecule-tenant:latest` -- Domain: `moleculesai.app` (Cloudflare routing, DNS pending) -- First real tenant provisioned: org `acme` - -**Phase status:** -- A — Foundation (accounts, tokens, domain) ✅ -- B — Fly provisioner + Neon branching ✅ -- C — WorkOS AuthKit scaffold ✅ -- D — Stripe billing scaffold ✅ (live keys pending Stripe Atlas) -- E — Cloudflare + DNS + per-tenant Vercel canvas ✅ -- F — Sign-up UX + onboarding ✅ (basic flow done; polish + email pending) -- G — Observability + quotas + admin ✅ -- H — Hardening ⏳ partial (KMS envelope encryption ✅, tenant-isolation CI ✅, legal pages ✅; load test + Stripe Atlas + status page custom domain pending) -- I — Launch ⏳ pending Stripe Atlas (~2 week lead) - -**Architectural decisions relevant to DevRel messaging:** -- **Open-core split:** `Molecule-AI/molecule-controlplane` (private) handles orgs/signup/billing/provisioner/routing. This public repo stays OSS (tenant binary + plugins + channels). -- **Firecracker > Docker socket:** Fly Machines API replaces raw Docker socket for multi-tenant isolation. Docker path stays for local dev only. -- **Companion repo:** `molecule-controlplane/PLAN.md` has the private roadmap. - -**Tier 1 blockers before first external user:** -- Multi-tenancy: `org_id` filter on every row-returning handler -- Human auth + orgs via WorkOS (separate from Phase 30.1 agent bearer tokens) -- Container isolation via Fly Machines (Firecracker microVMs) -- Stripe billing (subscriptions + usage metering) -- Per-org resource quotas -- Managed Postgres (Neon) + Redis (Upstash) -- Secrets at rest via AWS/GCP KMS -- Migration runner extraction (goose as release step) - ---- - -## Upcoming: Phase 33+ - -**What to watch for:** The backlog (PLAN.md) lists: -- Canvas: Org template import, Workspace search (Cmd+K), Batch operations -- Sandbox: Firecracker/E2B backends -- SDK follow-ups: live tool-call visibility, cost telemetry, cancel UX -- Real webhook mode for channels (webhook vs. polling) -- More channel adapters: Slack (OAuth), Discord (Bot + Gateway), WhatsApp - ---- - -## Known Issues (from `known-issues.md`) - -Three issues tracked internally, not yet filed as GitHub issues: - -**KI-001 — Telegram `kicked` event doesn't persist disabled state** -- File: `telegram.go:596` -- Severity: Medium -- When the bot is removed from a chat, it keeps retrying sends indefinitely -- Fix: set `enabled = false` on `workspace_channels` row - -**KI-002 — Delegation system has no idempotency guard** -- File: `delegation.go` -- Severity: Medium -- Container restart mid-delegation → double execution risk -- Fix: add optional `idempotency_key` to `POST /workspaces/:id/delegate` - -**KI-003 — `commit_memory` not surfaced in `activity_logs`** -- File: `memory.py` + `activity.go` -- Severity: Low (debugging quality) -- Memory writes invisible in Canvas "Agent Comms" tab -- Fix: emit `activity_log` entry of type `tool_call` for `commit_memory` - ---- - -## Backlog Highlights for DevRel - -The backlog has direct marketing angles: - -1. **Canvas: Org template import** — no-code org deployment from Canvas UI (Phase 20.3) -2. **SDK follow-ups** — cost telemetry + live tool-call visibility → enterprise governance story -3. **Delegations list endpoint** — `GET /workspaces/:id/delegations` returns `[]` while `check_delegation_status` shows active. One source of truth needed. -4. **Per-agent repo access** — `workspace_access: none|read_only|read_write` in `org.yaml` — eliminates the "PM couriers documents to reports" workaround -5. **SDK executor stderr swallowing** — every CLI failure is opaque; fix captures stderr, includes first ~1 KB in A2A error response. High priority per PLAN.md. - ---- - -## Ecosystem Watch - -`docs/ecosystem-watch.md` is the canonical starting point for research agents doing competitive analysis. Notable projects to track: Holaboss, Hermes, gstack, Letta, Trigger.dev. - ---- - -*Update this doc after token refresh — check PLAN.md for Phase 32 content.* diff --git a/marketing/drip/phase30-email-drip.md b/marketing/drip/phase30-email-drip.md deleted file mode 100644 index 7e33da43..00000000 --- a/marketing/drip/phase30-email-drip.md +++ /dev/null @@ -1,118 +0,0 @@ -# Phase 30 — Email Drip Sequence - -> **For:** Marketing Lead + Email/CRM team | **Status:** Draft -> **Trigger:** After blog post and guides are live - -3-email sequence designed to move developers and platform evaluators from "heard of it" to "tried it." - ---- - -## Email 1 — Launch Announcement (Day 1, Launch Morning) - -**Subject line:** Your laptop is now a valid Molecule AI runtime -**Subject line alt:** Phase 30: Remote Workspaces is generally available - -**Preview text:** Agents can now run on any machine — your laptop, a VM, on-prem — and appear in Canvas like every other workspace. - -**Body:** - -> Hi {{first_name}}, -> -> Most AI agent platforms assume your agents run in the same place as the control plane. -> -> Phase 30 changes that. -> -> Starting today, any Python agent — running on your laptop, a cloud instance, or an on-premises server — can register with your Molecule AI org and appear in Canvas as a first-class workspace. Same auth. Same A2A protocol. Same audit trail. -> -> **The only visible difference: a purple REMOTE badge.** -> -> We call it Remote Workspaces. Here's why it matters: -> -> - **Developers** — run an agent on your laptop, debug it with your IDE, and have it participate in your org's task pipeline simultaneously -> - **Platform teams** — deploy agents in your own cloud account without changing your Molecule AI workflow -> - **Enterprise** — meet data-residency requirements by keeping agent compute on your infrastructure -> -> Phase 30 is generally available today. Self-serve setup in under 5 minutes. -> -> [Get started →](/docs/guides/remote-workspaces) -> [Read the launch post →](/blog/remote-workspaces-ga) -> [Quickstart guide →](/docs/guides/remote-workspaces#quick-start) -> -> — The Molecule AI team - ---- - -## Email 2 — Feature Deep Dive (Day 3–4) - -**Subject line:** The AGENTS.md trick that makes multi-agent coordination just work -**Subject line alt:** Two things that make Remote Workspaces different - -**Preview text:** Auto-generated agent manifests and versioned workspace snapshots ship with Phase 30. - -**Body:** - -> Hi {{first_name}}, -> -> A quick follow-up on Phase 30. Two things that shipped with Remote Workspaces that deserve their own explanation: -> -> **1. AGENTS.md auto-generation** -> -> Every Molecule AI workspace now generates an `AGENTS.md` file at boot — automatically. It reflects the workspace config: role, A2A endpoint, available tools. Any peer agent can read it to understand what another agent does and how to reach it, without reading system prompts. -> -> This is the AAIF / Linux Foundation AGENTS.md standard, implemented as a first-class platform feature. -> -> **2. Versioned workspace state with Cloudflare Artifacts** -> -> Every workspace can now be linked to a Cloudflare Artifacts git repo. The agent can push snapshots — current task state, memory dumps, config — and other agents can fork the repo to continue from the same point. -> -> Git for agents, built into the platform. No separate dashboard, no external git service setup. -> -> [See the working demos →](/marketing/demos) *(after docs go live, update to public URL)* -> [Phase 30 launch post →](/blog/remote-workspaces-ga) -> -> Questions? Reply to this email — we read them. -> -> — The Molecule AI team - ---- - -## Email 3 — Social Proof / CTA (Day 7) - -**Subject line:** What developers are building with Remote Workspaces -**Subject line alt:** One week in: what the community is doing with Phase 30 - -**Preview text:** Data residency, multi-cloud fleets, and local debugging — the first week of Phase 30. - -**Body:** - -> Hi {{first_name}}, -> -> One week in, here's what we're seeing from teams using Phase 30 Remote Workspaces: -> -> **A data engineering team** is running a pipeline agent on a GPU instance in their own AWS account — keeping raw data on their infrastructure while using the platform for orchestration. Data residency solved. -> -> **A developer relations team** is running a local agent on their laptops for quick iteration — debugging agent behavior in their IDE, then pointing the same agent at the org for production tasks. No switching environments. -> -> **An enterprise platform team** is running agents across three clouds — GCP, AWS, and a private cloud — visible in one Canvas, governed by the same org auth. Multi-cloud fleet, single governance plane. -> -> If you've been evaluating AI agent platforms and hesitated because "my data can't leave my infrastructure," Phase 30 was built for you. -> -> [Talk to our team →](/contact) *(replace with actual sales link)* -> [Read the docs →](/docs/guides/remote-workspaces) -> [See working demos →](/marketing/demos) -> -> — The Molecule AI team - ---- - -## Notes for CRM team - -- Send from `team@moleculesai.app` or a named sender (CEO or Marketing Lead name) -- Segment by: existing customers (already on platform) vs. evaluators (visited docs, not yet a customer) — Email 2 + 3 copy can be swapped for evaluators vs. customers -- Unsubscribe link required in every email -- All internal link placeholders (`/docs/...`, `/blog/...`) must be resolved to live URLs before send -- Phase 2 + Phase 3 email body copy can be A/B tested with the alt subject lines - ---- - -*CRM placeholders: `{{first_name}}`, `{{contact}}`, `{{sales_link}}` — resolve before launch.* diff --git a/marketing/drip/post-push-checklist.md b/marketing/drip/post-push-checklist.md deleted file mode 100644 index 94006789..00000000 --- a/marketing/drip/post-push-checklist.md +++ /dev/null @@ -1,187 +0,0 @@ -# Phase 30 Launch — Post-Push Execution Checklist - -> **For:** DevRel + Marketing Lead | **Trigger:** After GH_TOKEN refreshes + push completes -> **Purpose:** Step-by-step sequencing so nothing gets missed on launch day - ---- - -## Phase 1 — Push & Validation (Do First) - -### 1.1 Push the branch - -```bash -git -C /workspace/repo push origin content/blog/memory-backup-restore -``` - -### 1.2 Verify all 11 commits landed - -```bash -gh api repos/Molecule-AI/internal/commits --jq '.[0:11] | .[].commit.message' \ - --param per_page=15 2>&1 | head -30 -``` - -Look for the expected commit messages in reverse chronological order. - -### 1.3 Post GitHub issue comments - -```bash -bash /workspace/repo/marketing/demos/post-issue-comments.sh -``` - -This posts completion comments on `#1172` and `#1173` using the staged JSON payloads. - -### 1.4 Verify comments posted - -```bash -gh issue comment list 1172 --repo Molecule-AI/internal 2>&1 -gh issue comment list 1173 --repo Molecule-AI/internal 2>&1 -``` - -Confirm both return the DevRel completion text. - ---- - -## Phase 2 — Docs Site Publish - -### 2.1 Submit PR from the branch - -```bash -gh pr create \ - --repo Molecule-AI/internal \ - --base main \ - --head content/blog/memory-backup-restore \ - --title "docs(marketing): Phase 30 launch — Remote Workspaces GA, demos, and supporting content" \ - --body "$(cat <<'EOF' -## Summary -- Phase 30 Remote Workspaces GA blog post -- Phase 30 user guide and FAQ -- /cp/* same-origin proxy guide -- Chrome DevTools MCP governance blog post -- Container vs Remote decision guide -- Secure by Design blog post (beta auth launch) -- AGENTS.md auto-generation working demo + screencast spec (#1172) -- Cloudflare Artifacts working demo + screencast spec (#1173) -- Phase 30 social copy (X: 4 versions, LinkedIn) -- Chrome DevTools MCP social copy -- Phase 30 video production package (for Video Editor) -- Phase 30 DevRel asset inventory -- Fleet diagram, TTS audio files, VO scripts - -## Test plan -- [ ] Review each guide for technical accuracy before merge -- [ ] Confirm all internal links resolve -- [ ] Confirm blog post dates are correct (2026-04-20) -- [ ] Verify TTS audio files play (mp3) -- [ ] Run docs link audit (all 34 links verified on disk) - -🤖 Generated with [Claude Code](https://claude.com/claude-code) -EOF -)" -``` - -### 2.2 Get PR reviewed and merged - -Hand off to whoever can approve — Marketing Lead or a tech lead. - -### 2.3 After merge: verify docs site publishes - -```bash -curl -s https://moleculesai.app/docs/guides/remote-workspaces.md | head -20 -curl -s https://moleculesai.app/docs/guides/remote-workspaces-faq.md | head -10 -``` - -Confirm both return 200 with correct frontmatter. - ---- - -## Phase 3 — Social Posts (After PR Merges) - -### 3.1 X (Twitter) — Phase 30 launch - -Post all 4 versions from `marketing/devrel/phase30-social-copy.md`, spaced ~3 hours apart: - -| # | Version | Angle | Post time | -|---|---|---|---| -| 1 | Version A | Technical | Launch day, 09:00 UTC | -| 2 | Version B | Product | Launch day, 12:00 UTC | -| 3 | Version C | Developer | Launch day, 15:00 UTC | -| 4 | Version D | Enterprise | Launch day, 18:00 UTC | - -**Images:** Attach `marketing/assets/phase30-fleet-diagram.png` to Version A and D. For C, use a terminal screenshot. - -### 3.2 LinkedIn — Phase 30 launch - -Post the enterprise/platform post from `phase30-social-copy.md`. Attach fleet diagram. - -### 3.3 X — Chrome DevTools MCP - -Post Version A from `marketing/devrel/chrome-devtools-mcp-social-copy.md`. Attach fleet diagram. - -### 3.4 LinkedIn — Chrome DevTools MCP - -Post the full LinkedIn block from `chrome-devtools-mcp-social-copy.md`. Attach checklist graphic or quote card. - -### 3.5 Schedule cadence - -Use Buffer/Hootsuite or schedule manually. All copy is pre-written — no drafting needed at post time. - ---- - -## Phase 4 — Email Campaign - -After social posts are live, trigger the email drip sequence (see `marketing/drip/phase30-email-drip.md`). - -### 3-step sequence: -1. **Day 1 (launch morning):** Announcement — "Phase 30 is GA" + blog link + quickstart guide -2. **Day 3–4:** Feature deep dive — pick the strongest sub-feature (AGENTS.md or CF Artifacts) -3. **Day 7:** Social proof / case study or customer quote (coordinate with Sales) - ---- - -## Phase 5 — Community & Devrel - -### 5.1 Hacker News - -See `marketing/community/hacker-news-launch.md` — submit when ready, monitor comments for 4–6 hours. - -### 5.2 Discord / Slack announcements - -Post in relevant channels. Copy is in `marketing/community/community-announcements.md`. - -### 5.3 DevRel outreach - -If any开发者 advocates or agent ecosystem influencers should know about Phase 30, pre-write outreach DMs now (coordinate with Marketing Lead). - ---- - -## Phase 6 — Verify Live Assets (Day 2+) - -```bash -# Blog posts -curl -s -o /dev/null -w "%{http_code}" https://moleculesai.app/blog/remote-workspaces-ga -curl -s -o /dev/null -w "%{http_code}" https://moleculesai.app/blog/chrome-devtools-mcp-governance - -# Guides -curl -s -o /dev/null -w "%{http_code}" https://moleculesai.app/docs/guides/remote-workspaces -curl -s -o /dev/null -w "%{http_code}" https://moleculesai.app/docs/guides/remote-workspaces-faq - -# Audio (if hosted) -curl -s -o /dev/null -w "%{http_code}" https://moleculesai.app/audio/phase30-announce.mp3 -``` - -All should return 200. - ---- - -## Known Blockers to Communicate - -| Blocker | Owner | Status | -|---|---|---| -| GH_TOKEN must refresh before push | CEO | ⏳ Waiting | -| PR must be reviewed and merged before docs go live | Marketing Lead / Tech Lead | ⏳ Waiting | -| Canvas screenshot (REMOTE badge) not yet captured | Design Team | ⏳ Waiting | -| PMM path for `phase30-launch-plan.md` unconfirmed | PMM | ⏳ Waiting | - ---- - -*Update this doc as items complete. Check off each step after execution.* diff --git a/marketing/pmm/a2a-v1-deep-dive-content-brief.md b/marketing/pmm/a2a-v1-deep-dive-content-brief.md deleted file mode 100644 index ad61a96a..00000000 --- a/marketing/pmm/a2a-v1-deep-dive-content-brief.md +++ /dev/null @@ -1,101 +0,0 @@ -# A2A v1.0 Deep-Dive — Content Marketer Execution Brief -**Source:** `marketing/pmm/issue-1286-a2a-v1-deep-dive-narrative-brief.md` -**Status:** PMM → Content Marketer | Actionable outline — execute immediately -**Urgency:** 🔴 72h window to own A2A narrative before LangGraph GA - ---- - -## Your Task - -Write a blog post (~1,200–1,800 words) establishing Molecule AI as the canonical hosted A2A reference implementation. Publish it before LangGraph's A2A GA lands (expected Q2-Q3 2026 — window is NOW). - ---- - -## Title Options (pick one or propose your own) - -1. "What A2A v1.0 Means for Your Agent Stack: Why Protocol-Native Beats Protocol-Added" -2. "A2A v1.0 Is the LAN Standard Your Agent Fleet Has Been Waiting For" -3. "The Agent Internet: How A2A v1.0 Changes Multi-Agent Orchestration Forever" - ---- - -## Article Outline (follow this structure) - -### Paragraph 1 — Hook (first 100 words) -Lead with: A2A v1.0 shipped March 12, 2026 (Linux Foundation, 23.3k stars, 5 official SDKs, 383 community implementations). This is the moment the agent internet gets a standard. Most platforms will add A2A compatibility. One platform was built for it. - -Include primary keywords: "A2A protocol agent platform", "A2A v1.0 multi-agent" - -### Paragraph 2 — What A2A v1.0 actually is (plain English) -HTTP analogy works well here. A2A is to agents what HTTP was to the web — a universal protocol that makes heterogeneous agents interoperable. Before HTTP, every web server had its own way of talking to every other web server. A2A v1.0 does the same for AI agents. - -### Paragraph 3 — "A2A-native" vs "A2A-added" (core argument) -This is the heart of the piece. - -Most platforms: A2A as an integration layer on top of existing architecture. -Molecule AI: A2A as the operating system, everything else built on top. - -The org chart IS the agent topology. The hierarchy IS the routing table. Governance is enforced at the protocol level on every call. - -### Paragraph 4 — What makes Molecule AI's A2A structural (proof points) -1. A2A proxy is live in production — not beta, not in-progress -2. Per-workspace 256-bit bearer tokens + X-Workspace-ID enforcement at every authenticated route -3. Any A2A-compatible agent can join without code changes -4. External registration: Python + Node.js reference implementations (both under 100 lines) - -### Paragraph 5 — Code sample (Python, 20 lines max) -Show the external agent registration from `docs/guides/external-agent-registration.md` — simplified to the minimum viable call. This is the "see, it's real" moment. - -### Paragraph 6 — What this unlocks -Hybrid cloud. On-prem. SaaS agents in one fleet. One canvas. No separate dashboard. - -### Paragraph 7 — CTA -"Try external agent registration — docs link here" + "Read the full protocol spec" - ---- - -## SEO Requirements - -- **First 100 words:** must include "A2A v1.0" and "agent platform" -- **Headings:** use primary keywords ("A2A protocol agent platform", "A2A v1.0 multi-agent") -- **Meta description** (160 chars): draft one separately -- **Canonical URL:** `moleculesai.app/blog/a2a-v1-agent-platform` - ---- - -## Competitive Framing Rules - -- Do NOT name competitors directly -- Frame: "Most platforms add A2A. Molecule AI was built for it." -- AWS/GCP/Azure absorbing A2A: frame as validation of the protocol, not FUD. "A2A v1.0 is now the LAN standard. The question isn't whether your platform supports it — it's whether it's native or bolted on." - -## What to AVOID - -- Don't claim "Molecule AI invented A2A" — Linux Foundation owns the protocol -- Don't make performance claims without benchmarks -- Don't bury the governance story — it's the enterprise differentiator -- Don't wait — window closes when cloud providers announce managed A2A - ---- - -## Reference Assets - -| Asset | Path | -|-------|------| -| Full A2A protocol spec | `repos/molecule-core/docs/api-protocol/a2a-protocol.md` | -| External registration guide | `repos/molecule-core/docs/guides/external-agent-registration.md` | -| Per-workspace token model | `repos/molecule-core/docs/architecture/org-api-keys.md` | -| Phase 30 positioning brief | `marketing/pmm/phase30-positioning-brief.md` | -| Battlecard v0.3 (LangGraph counters) | `marketing/pmm/phase30-competitive-battlecard.md` | - ---- - -## Deliverable - -- Blog post file at `repos/molecule-core/docs/blog/2026-04-XX-a2a-v1-deep-dive/index.md` (use today's date) -- Meta description as separate comment at top of file -- Notify PMM when draft is complete for positioning review - ---- - -*PMM execution brief — 2026-04-21 | Marketing Lead to confirm before publish* \ No newline at end of file diff --git a/marketing/press/phase30-press-release.md b/marketing/press/phase30-press-release.md deleted file mode 100644 index 9e27403e..00000000 --- a/marketing/press/phase30-press-release.md +++ /dev/null @@ -1,82 +0,0 @@ -# FOR IMMEDIATE RELEASE - -## Molecule AI Launches Phase 30: Remote Workspaces Bring AI Agent Fleets to Any Infrastructure - -*Platform update enables enterprises to run autonomous AI agents on-premises, in any cloud, or on a developer's laptop — while maintaining single-pane-of-glass orchestration and governance* - -**[Date: April 20, 2026] — Molecule AI** today announced the general availability of Phase 30: Remote Workspaces, a platform update that allows AI agents to run on any infrastructure — a developer's laptop, a cloud VM, or an on-premises server — while remaining fully visible and governed within the Molecule AI platform. - -Until now, Molecule AI customers who wanted the platform's agent orchestration, A2A coordination, and governance features had to run agents on the platform's infrastructure. Phase 30 removes that constraint. Agents can now register to a Molecule AI org from external machines using a lightweight, outbound-only connection, and appear in Canvas alongside managed (container) workspaces — with no code changes required. - ---- - -### What Phase 30 Ships - -Phase 30 is eight bounded improvements packaged as one coherent feature: - -- **Remote runtime** — Agent binary connects via WSS. No inbound ports, no VPN. Outbound HTTPS to the platform only. -- **Workspace auth tokens** — Cryptographic 256-bit bearer identities, minted at registration. No shared secrets. -- **Token-gated secrets pull** — Agents pull API keys from the platform at boot. No credentials in container images. -- **Mixed-fleet Canvas** — Container and remote workspaces appear in the same Canvas. Same status, same chat, same audit trail. -- **A2A across runtimes** — Agents on different runtimes communicate via A2A without code changes. -- **AGENTS.md auto-generation** — Every workspace generates a machine-readable agent manifest at boot. Peer agents can discover each other's identity and tools without reading system prompts. (AAIF / Linux Foundation standard.) -- **Cloudflare Artifacts integration** — Every workspace can be linked to a git repo for versioned state snapshots. Agents can fork repos to bootstrap from any checkpoint. -- **`/cp/*` reverse proxy** — Allowlist-based same-origin access for internal APIs. Fail-closed. - ---- - -### Why It Matters - -The enterprise AI agent landscape is fragmenting along infrastructure lines. Some teams need agents that run on-premises due to data-residency requirements. Others need agents that run in their own cloud accounts. Many want the ability to debug agents locally before promoting them to production. Phase 30 was designed for all three scenarios simultaneously — without forcing customers to choose between platform convenience and infrastructure control. - -"With Phase 30, we made the infrastructure choice optional," said [NAME, TITLE]. "Where the agent runs is now a deployment decision — not an architectural constraint. Customers can run managed agents for standard tasks and remote agents for data-locality or environment-specific requirements, in the same Canvas, with the same governance." - ---- - -### Use Cases - -- **Data residency** — Run agent compute on-premises or in a private cloud account. Raw data never touches the Molecule AI platform. -- **Developer iteration** — Run an agent locally for debugging with an IDE, then point the same agent at the org for production tasks. -- **Multi-cloud fleet management** — Run agents across AWS, GCP, and on-premises simultaneously. Visible in one Canvas, governed by one auth system. -- **Existing agent integrations** — Register an existing agent with the org without containerizing and redeploying it. - ---- - -### Availability - -Phase 30: Remote Workspaces is generally available as of April 20, 2026. Remote workspaces are priced identically to container workspaces at GA. Self-serve setup takes under five minutes. - -- **Docs:** https://moleculesai.app/docs/guides/remote-workspaces -- **Quickstart:** https://moleculesai.app/docs/guides/remote-workspaces#quick-start -- **Launch post:** https://moleculesai.app/blog/remote-workspaces-ga -- **Working demos:** https://moleculesai.app/docs/marketing/demos - ---- - -### About Molecule AI - -Molecule AI is an agent orchestration platform for autonomous AI agent fleets. The platform provides A2A task dispatch, multi-workspace Canvas, org-scoped auth, and MCP governance. Used by platform engineering teams, data engineering teams, and enterprise organizations running multi-agent workflows. - ---- - -## Media Contact - -[NAME] -[EMAIL] -[moleculesai.app](https://moleculesai.app) - ---- - -## Notes for PR team - -- **[Date]** field: replace with actual press release publish date -- **[NAME, TITLE]** field: replace with quote attribution from CEO or CTO -- **[MEDIA CONTACT]** fields: replace with actual PR contact details -- Embargo: confirm whether this should be under embargo until a specific time -- Distribution: wire services (PR Newswire, Business Wire) or direct media outreach -- Follow-up: schedule analyst briefing for enterprise-focused analysts (Gartner, Forrester if applicable) -- Links assume docs site is live — confirm before finalizing - ---- - -*Replace `[BRACKETED]` placeholders before distribution. Check all links for live URLs.* diff --git a/marketing/sales/phase30-one-pager.md b/marketing/sales/phase30-one-pager.md deleted file mode 100644 index fcc1b011..00000000 --- a/marketing/sales/phase30-one-pager.md +++ /dev/null @@ -1,98 +0,0 @@ -# Phase 30 Remote Workspaces — One-Pager - -> **For:** Sales + prospects | **Length:** 1 page | **Format:** PDF-ready - ---- - -## What it is - -Remote Workspaces let you run Molecule AI agents on your own infrastructure — your laptop, a cloud VM, an on-premises server. They register to your Molecule AI org and appear in Canvas alongside your managed (container) workspaces. Same auth. Same A2A protocol. Same governance. - -**The only visible difference:** a purple REMOTE badge on the workspace card. - ---- - -## What changes for the buyer - -| | Before Phase 30 | After Phase 30 | -|---|---|---| -| Agent runtime | Platform-managed only | Platform-managed OR self-hosted | -| Fleet visibility | Container workspaces only | Mixed fleet, one Canvas | -| Data residency | Agent compute on Molecule AI infra | Agent compute on your infra | -| Governance model | Identical across runtimes | Identical across runtimes | - ---- - -## What this enables (real use cases) - -**Developer teams:** Run a local agent on your laptop for debugging with your IDE, then point the same agent at the org for production tasks. No environment switching. - -**Data engineering teams:** Keep raw data on your own AWS/GCP/on-prem infrastructure while using the platform for orchestration. Data residency requirement solved. - -**Enterprise platform teams:** Run agents across three clouds — visible in one Canvas, governed by the same org auth. Multi-cloud fleet, single governance plane. - -**Existing agent integrations:** Don't want to containerize and redeploy? Register your existing agent with the org. It appears in Canvas without code changes. - ---- - -## What ships with Phase 30 - -1. **Workspace auth tokens** — 256-bit bearer tokens, minted at registration. No shared secrets. -2. **Token-gated secrets pull** — API keys pulled at boot from the platform. No credentials baked into images. -3. **Reverse proxy (`/cp/*`)** — Allowlist-based same-origin access for internal APIs. Fail-closed. -4. **AdminAuth WorkOS session tier** — 30s positive / 5s negative cache. Tenant-scoped. -5. **AGENTS.md auto-generation** — Auto-generated agent manifest at workspace boot. Peer agents can read each other's identity without system prompts. (AAIF standard.) -6. **Cloudflare Artifacts integration** — Workspace git repos, snapshot/push, fork. "Git for agents." -7. **Remote runtime** — Agent binary connects via WSS. No inbound ports, no VPN. Outbound HTTPS only. -8. **Mixed-fleet Canvas** — Container + remote workspaces visible together, real-time status. - ---- - -## What stays the same - -- A2A protocol works across container/remote without code changes -- MCP governance (plugin allowlists, org API keys, audit logs) applies identically -- Org-scoped auth and session-tier controls apply identically -- Canvas, task dispatch, and parent/child relationships work across runtimes - ---- - -## Pricing - -Remote workspaces = container workspace pricing at GA. No premium for the remote runtime. - ---- - -## Quick start - -```bash -# 1. Install -curl -sSL https://get.moleculesai.app | bash - -# 2. Authenticate -molecule login --org your-org - -# 3. Bootstrap -molecule workspace init --name my-agent --runtime remote - -# 4. It appears in Canvas in ~10 seconds -``` - -**Docs:** `moleculesai.app/docs/guides/remote-workspaces` -**Launch post:** `moleculesai.app/blog/remote-workspaces-ga` -**Demos:** `moleculesai.app/docs/marketing/demos` - ---- - -## Competitive differentiation - -| Competitor | Their claim | Our answer | -|---|---|---| -| Modal / Railway | "Managed infra" | They own compute; we let you own yours | -| Cursor / Copilot | "AI coding assistant" | Single-agent; we do multi-agent coordination | -| CrewAI / Autogen | "Open-source agents" | DIY infra + governance; we give you the platform day one | -| Windsurf / Devin | "Autonomous coding agent" | No org-level governance; we have it built in | - ---- - -*Replace docs links with live URLs before distributing.* diff --git a/marketing/sales/phase30-sales-enablement.md b/marketing/sales/phase30-sales-enablement.md deleted file mode 100644 index aa5645b7..00000000 --- a/marketing/sales/phase30-sales-enablement.md +++ /dev/null @@ -1,181 +0,0 @@ -# Phase 30 — Sales Enablement Package - -> **For:** Sales + Solutions Engineering | **Status:** Draft -> **Purpose:** Equip sellers with competitive battlecards, objection handlers, and demo talking points for Phase 30 Remote Workspaces - ---- - -## Competitive Battlecards - -### Battlecard 1: Molecule AI vs. Modal / Railway - -**Their pitch:** "We handle the infra so you don't have to." -**Decision-maker's concern:** "You mean I give up control of my data?" - -| Dimension | Molecule AI Phase 30 | Modal / Railway | -|---|---|---| -| **Compute ownership** | You own it — run on your laptop, your cloud, on-prem | They own it — serverless, you don't control the machine | -| **Data residency** | Agent compute stays on your infrastructure | Data processed on their infrastructure | -| **Multi-agent coordination** | A2A protocol, Canvas, org-scoped auth | Single-function inference calls | -| **Orchestration layer** | Yes — task dispatch, parent/child relationships | No — just inference | -| **Use case fit** | Agent fleets, coordination, autonomous pipelines | Short-lived inference jobs, batch processing | - -**Winning talk track:** -> "Modal and Railway are inference platforms — they run your code on their infrastructure. Molecule AI is an orchestration layer — it runs on yours. If your concern is data residency or keeping compute on-premises, that's a fundamentally different category. We're not competing with Modal. We're solving a different problem." - ---- - -### Battlecard 2: Molecule AI vs. Cursor / Copilot - -**Their pitch:** "AI coding assistant built in to your IDE." -**Decision-maker's concern:** "Our team is already using Cursor. Why do we need this?" - -| Dimension | Molecule AI Phase 30 | Cursor / Copilot | -|---|---|---| -| **Use case** | Autonomous multi-agent pipelines | One human + one AI pairing | -| **Agent autonomy** | Agents act without a human in the loop | Human drives every decision | -| **Coordination** | A2A, parent/child task dispatch | No coordination layer | -| **Scale** | Fleet of agents, mixed runtimes | Individual developer sessions | -| **Enterprise governance** | Org API keys, audit logs, MCP allowlists | Developer tool, no org-level controls | - -**Winning talk track:** -> "Cursor and Copilot are incredible developer tools — one human, one AI, great for coding assistance. Molecule AI is an agent orchestration platform. When you want multiple autonomous agents that coordinate with each other — dispatching tasks, reporting status, working in parallel — that's a different product category. Phase 30 Remote Workspaces means you can run those agents wherever your compute lives. If your roadmap involves multi-agent systems, that's where we come in." - ---- - -### Battlecard 3: Molecule AI vs. CrewAI / Autogen (open-source frameworks) - -**Their pitch:** "Build multi-agent systems with open-source Python." -**Decision-maker's concern:** "Why pay for something we can build ourselves?" - -| Dimension | Molecule AI Phase 30 | CrewAI / Autogen | -|---|---|---| -| **Operational burden** | Zero — platform manages infra, auth, heartbeat | You manage all of it — servers, scaling, auth | -| **Governance** | Org API keys, MCP allowlists, workspace audit logs | Diy — you build it yourself | -| **Canvas / observability** | Real-time workspace visibility, status, chat | No UI — code and logs only | -| **Deployment model** | Hybrid — container + remote, same org | Self-hosted only | -| **Time to value** | Hours | Weeks (to build the same capability) | -| **Maintenance** | Platform team owns uptime and updates | Your team maintains everything | - -**Winning talk track:** -> "CrewAI and Autogen are solid frameworks for prototyping multi-agent systems. The problem is what comes after prototype: who maintains the servers, how do you add auth, where's the observability, how do you govern what agents can do. That's a significant engineering investment before you get to production. Molecule AI gives you the coordination layer on day one. Phase 30 means you can even run the agents on your own infrastructure if that's a requirement. The open-source framework gets you to prototype faster. We get you to production faster." - ---- - -### Battlecard 4: Molecule AI vs. Windsurf / Devin - -**Their pitch:** "Autonomous coding agent." -**Decision-maker's concern:** "Autonomous agents sound good but they scare my security team." - -| Dimension | Molecule AI Phase 30 | Windsurf / Devin | -|---|---|---| -| **Governance** | MCP allowlists, org API keys, audit trail | No org-level governance model | -| **Browser access** | Chrome DevTools MCP + Molecule AI governance layer | Raw CDP, no control layer | -| **Multi-agent fleet** | Yes — full A2A coordination | Single-agent only | -| **Observability** | Canvas, real-time status, task chat | Developer tool UI only | -| **Enterprise readiness** | SOC 2-ready, org-scoped auth, session tier | Early-stage, not enterprise-hardened | - -**Winning talk track:** -> "The autonomous coding agents are getting good — but they're a single-agent paradigm. When you want a fleet of agents, or when your security team needs to control what an agent can do with a browser or an API key, you need a governance layer on top. That's what Molecule AI adds. Phase 30's Chrome DevTools MCP integration, for example, gives an agent browser access through your org's MCP allowlist — with a full audit trail. That's not something you get with a standalone autonomous coding tool." - ---- - -## Objection Responses - -### "Our data can't leave our infrastructure." - -**Response:** -> "Phase 30 was built for exactly that requirement. Remote Workspaces let you run the agent on your own machine, your own cloud account, your on-premises server. The platform handles orchestration and coordination — the agent compute runs where your data lives. This isn't a workaround. It's the primary deployment model." - -**Proof point:** "A data engineering team is currently using this for a pipeline agent running in their own AWS account — raw data never touches the Molecule AI platform." - ---- - -### "This sounds complicated. Our team doesn't want to manage more infrastructure." - -**Response:** -> "There's two ways to run it. Container workspaces are fully managed — you don't touch the infra. Remote Workspaces are for when you specifically need the agent to run elsewhere. Most teams use both: managed agents for standard tasks, remote agents for data-locality or environment-specific requirements." - -**Proof point:** "The mixed-fleet pattern means you only manage what you need to manage. Canvas shows everything in one view regardless of runtime." - ---- - -### "We already have a team that manages agent infrastructure. Why would we add Molecule AI?" - -**Response:** -> "Because you're managing the orchestration layer yourself. Molecule AI replaces the custom coordination code — A2A task dispatch, parent/child relationships, auth, heartbeat, observability. That's nontrivial to build and maintain. We give you the platform; your team focuses on what the agents actually do." - ---- - -### "How is this different from just running agents in Kubernetes?" - -**Response:** -> "Kubernetes manages containers. It doesn't manage agent identity, task dispatch, or coordination. With Remote Workspaces, you get the platform layer — Canvas, A2A, org-scoped auth, audit logs — without needing a custom-built orchestration system. The agent still runs on your infra, but it's registered to the platform." - ---- - -### "What's the pricing difference between remote and container workspaces?" - -**Response:** -> "At GA launch, remote and container workspaces are priced identically. Future tiers may differentiate on egress or storage, but that's not in the current release. There's no premium for the remote runtime specifically." - ---- - -## Demo Talking Points — Phase 30 (3-minute live demo script) - -### Opening (30s) -> "I'm going to show you two things today: how an agent runs on my laptop, and how it coordinates with agents running on the platform — same Canvas, same A2A, same auth." - -**Do:** Open Canvas, show one container workspace + one remote workspace both online. - ---- - -### Setup moment (60s) -> "This agent is running on my local machine. I installed it with a single command. It registered with the org and appeared here within 10 seconds. No inbound ports, no VPN — just outbound HTTPS to the platform." - -**Do:** Terminal — run `python3 run.py` show registration output, cut to Canvas showing REMOTE badge. - ---- - -### Coordination moment (60s) -> "Now I'm going to dispatch a task from the PM agent — which is running in a container on the platform — to the remote agent on my laptop. Watch Canvas." - -**Do:** PM dispatches task, researcher on remote laptop receives and executes, result returned to PM, Canvas shows both active during coordination. - ---- - -### Close (30s) -> "Two runtimes, one Canvas. Same auth, same A2A protocol. Where the agent runs is a deployment choice — not an architectural constraint." - -**Do:** Canvas full screen, both agents active. Point to REMOTE badge. - ---- - -## Quick-Start Checklist for Sales Engineers - -Before a remote workspace demo, verify: -- [ ] Agent binary installed on demo machine (`curl -sSL https://get.moleculesai.app | bash`) -- [ ] `molecule login --org [customer-org]` authenticated -- [ ] `molecule workspace init --name demo-agent --runtime remote` created -- [ ] Workspace appears in Canvas within 10s of startup -- [ ] REMOTE badge visible on workspace card -- [ ] A2A messages route successfully to/from remote workspace -- [ ] Cloudflare Artifacts repo can be attached (if demoing the feature) - ---- - -## Objection → Champion Mapping - -Use this to help your champion build internal arguments: - -| Objection | Internal argument to make | -|---|---| -| "Data residency" | Phase 30 is the only platform with remote runtime + data residency | -| "Too complex" | Mixed fleet means you only use remote when you need it | -| "Why not just use Kubernetes" | We handle orchestration — they handle compute | -| "Price" | Remote = container pricing at GA; no premium | -| "Security" | MCP governance + org API keys apply to remote identically | - ---- - -*Drafted by DevRel. Sales Engineers should customize the talk tracks to their own voice before customer calls.* diff --git a/research/crewai-competitive-proof-points-brief.md b/research/crewai-competitive-proof-points-brief.md deleted file mode 100644 index beefa543..00000000 --- a/research/crewai-competitive-proof-points-brief.md +++ /dev/null @@ -1,151 +0,0 @@ -# CrewAI Competitive Proof Points — Sales Counter-Narrative Brief - -**Source:** GH#1398 CrewAI Enterprise Strategy -**Author:** Research Lead -**Date:** 2026-04-21 -**Purpose:** Equip Sales with credible counter-narrative in enterprise conversations while case study clearance is pending -**Classification:** Internal — Sales / Marketing use only - ---- - -## The Gap - -CrewAI has **18 named enterprise logos** (IBM, PwC, NTT DATA, PepsiCo, RBC, DocuSign + 12 others). -Molecule AI has **zero named enterprise case studies**. - -This is a real GTM credibility gap. Enterprise buyers ask "who else is using this?" and CrewAI has a ready answer. Molecule AI needs a credible counter — not fabricated case studies, but a clear articulation of **why** the enterprise buyers who *are* evaluating Molecule AI chose (or would choose) it over CrewAI. - -This brief gives Sales that narrative. - ---- - -## What CrewAI Is Winning On - -**1. Enterprise brand recognition** — IBM, PwC, NTT DATA are recognizable enterprise logos that signal "safe to buy." This is a perception advantage, not a technical one. - -**2. Agent marketplace ecosystem** — CrewAI's agent marketplace gives buyers a catalog of pre-built agents to deploy. Low friction, fast time-to-value on day one. - -**3. Agent portability (proprietary)** — CrewAI's agent export-as-MCP-server is technically interesting, but it also creates vendor lock-in (agents only work in CrewAI's ecosystem). Buyers may not recognize this as a cost until they're deep in the platform. - -**4. Dedicated VPC deployment (AMP Factory)** — Enterprise procurement wants isolated, dedicated infrastructure. CrewAI offers this; it's a real enterprise requirement. - ---- - -## Where CrewAI Is Vulnerable - -**1. Data residency is impossible** — CrewAI AMP runs on CrewAI's cloud (or dedicated VPC on their infrastructure). Enterprise buyers with GDPR, data sovereignty, or internal security requirements cannot put sensitive data on CrewAI's infrastructure without significant legal review. - -**2. No org-scoped governance** — CrewAI's agent marketplace and execution model are developer-tool oriented. Org-level API keys, audit logs, MCP plugin allowlists, and compliance reporting are not primary features. - -**3. Enterprise lock-in is real** — Proprietary agent repos, export-as-MCP-server (which only works within CrewAI), VPC-baked deployment — these are switching costs dressed up as features. Enterprise buyers who understand agent portability will see through this. - ---- - -## Molecule AI's Three Open Differentiators - -### 1. Remote Runtime — Agent Compute Where Data Lives - -**The argument:** "CrewAI AMP runs on their infrastructure. Molecule AI Remote Workspaces lets your agents run on your AWS account, your on-prem server, or your data center. Your raw data never touches our platform." - -**When to use it:** Any enterprise buyer with data residency requirements, GDPR concerns, financial services regulation, or internal security policies that prohibit sending data to third-party AI infrastructure. - -**Proof point available:** The AWS data engineering team is already using this deployment model — raw data never touches Molecule AI. - -**Competitive response to "but CrewAI has dedicated VPC":** "AMP Dedicated VPC is still CrewAI's infrastructure. Remote Runtime on your own AWS account means your data never leaves your environment — not even their 'dedicated' cloud." - ---- - -### 2. Org-Scoped API Keys + Audit Logs — Governance Without Sacrifice - -**The argument:** "Molecule AI was built for platform teams. Org-scoped API keys mean you can give each team autonomous agent access without giving them cross-org visibility. Audit logs give you a full trace of every agent action. MCP plugin allowlists let you control which tools are available to which agents." - -**When to use it:** VP Engineering, Director of Developer Productivity, Head of Platform Engineering — the people responsible for AI governance, not just AI adoption. - -**Key comparison:** - -| Feature | CrewAI | Molecule AI | -|---------|--------|-------------| -| Org-level API keys | No | Yes | -| Audit logs | Basic | Full trace | -| MCP plugin allowlists | No | Yes | -| Workspace-level isolation | No | Yes | -| Cross-team visibility controls | No | Yes | - -**Competitive response to "we can build governance ourselves":** "You can — but Molecule AI ships governance on day one. Building org-scoped auth and audit logging on top of CrewAI takes months. With Molecule AI it's already there." - ---- - -### 3. Multi-Tenant SaaS + Docker Portability — Platform Day One - -**The argument:** "Molecule AI is a multi-tenant SaaS platform. You can be up and running in hours. But because we use the A2A protocol and Docker as the agent runtime, your agents are portable. If you want to move to self-hosted later, you can — your agents run in Docker containers, not in proprietary CrewAI primitives." - -**Key comparison:** - -| Feature | CrewAI | Molecule AI | -|---------|--------|-------------| -| Time to first agent | Hours | Hours | -| Self-hosted option | AMP Dedicated VPC (their infra) | Remote Runtime (your infra) | -| Agent portability | Proprietary export | Docker / A2A standard | -| Mixed fleet (cloud + self-hosted) | No | Yes — same Canvas, same auth | -| Platform team maintenance | High | Low (platform manages uptime) | - -**The lock-in reversal:** "CrewAI's agent marketplace is impressive — but those agents only run on CrewAI. Molecule AI's .bundle.json format and A2A protocol mean your agents can run anywhere the protocol is implemented. That's portability, not vendor lock-in." - ---- - -## Counter-Narrative for Each CrewAI Win - -### When the buyer says: "CrewAI has IBM and PwC" - -**Say:** "Those are great enterprise logos — CrewAI has done a good job landing big names. Who did they replace, and does that match your situation? Enterprise logos don't always mean enterprise-ready for your specific use case. We'd love to understand your requirements and show you what Molecule AI's Remote Runtime and org governance look like for your team's profile." - -**Why this works:** You acknowledge the competitor's strength without contesting it. You redirect to the buyer's actual problem. - ---- - -### When the buyer says: "CrewAI's agent marketplace gives us ready-to-deploy agents" - -**Say:** "The marketplace is a good fast-start — low friction on day one. But pre-built agents are a starting point, not a destination. The question is: what happens when you need to customize, extend, or move those agents? With Molecule AI, your agents are Docker containers running the A2A protocol — they're portable by design. With CrewAI's marketplace, you're building on their agent format." - -**Why this works:** You reframe the marketplace as a short-term convenience vs. long-term flexibility. - ---- - -### When the buyer says: "CrewAI's dedicated VPC is good enough for our security requirements" - -**Say:** "AMP Dedicated VPC is dedicated — but it's still on CrewAI's infrastructure. Your data is logically isolated, not geographically isolated. If your security team requires that agent compute runs in your own AWS account — not just a 'dedicated' partition on CrewAI's cloud — Remote Runtime is the only option that actually delivers that. And you get the same Canvas, the same auth, the same A2A coordination." - -**Why this works:** You distinguish logical isolation from actual data residency control. - ---- - -## The Narrative Frame for Enterprise Buyers - -> "CrewAI is winning on enterprise logos and a good developer experience. That's real — they're a strong competitor. Where Molecule AI is purpose-built for the enterprise platform team: agents that run where your data lives, governance that ships on day one, and portability that protects you from lock-in. If those are your priorities — and for platform teams, they usually are — let's look at what that looks like for your specific use case." - ---- - -## Proof Points to Have Ready - -**Differentiator 1 (Remote Runtime):** -> "A data engineering team is running Molecule AI agents on their own AWS account right now. Raw data never touches our platform. That's the deployment model, not a workaround." - -**Differentiator 2 (Org Governance):** -> "Org-scoped API keys, audit logs, and MCP plugin allowlists are in the product today. Your platform team can control which teams have access to which tools, and audit every agent action — without building it yourselves." - -**Differentiator 3 (Portability):** -> "Our agents run as Docker containers using the A2A protocol. That's not a proprietary format — it's a standard. If you want to move to self-hosted, your agents come with you." - ---- - -## Status of Named Case Studies - -Molecule AI is actively pursuing enterprise reference customers. Named case studies are in clearance — Legal review expected to complete within 2–4 weeks. Anonymized references are available immediately upon request. - -**Sales action:** If a named reference would close a specific deal, flag to Marketing Lead — we can prioritize clearance for high-value opportunities. - ---- - -*Brief prepared by Research Lead from GH#1398 CrewAI Enterprise Strategy research.* -*Sales Engineers: customize the talk tracks to your own voice before customer calls.* -*GH#1405 owner: Marketing Lead* diff --git a/research/enterprise-case-study-legal-clearance-brief.md b/research/enterprise-case-study-legal-clearance-brief.md deleted file mode 100644 index 8059cc2e..00000000 --- a/research/enterprise-case-study-legal-clearance-brief.md +++ /dev/null @@ -1,152 +0,0 @@ -# Legal Reference Clearance Brief — Enterprise Case Study - -**Prepared by:** Research Lead / Marketing Lead -**For:** Legal / Contracts Review -**Date:** 2026-04-21 -**Reference:** GH#1405 — Ship 2–3 named enterprise case studies before Phase 30 GTM launch -**Timeline:** Clearance requested — 2–4 week process; start immediately - ---- - -## Purpose - -Molecule AI is preparing enterprise case studies for Phase 30 GTM launch. This brief requests Legal review to determine what reference information can be used publicly, with what attribution, and under what constraints. - -**This is a blocking dependency for GH#1405.** Legal clearance timelines (2–4 weeks) mean outreach must begin this week to close before Phase 30 GTM. - ---- - -## Request to Legal - -Please advise on: - -1. What reference information can be used publicly? -2. What attribution is approved (named company, anonymized role/industry, fully anonymous)? -3. Does the customer need to provide written approval, or does our contract govern reference rights? -4. Are there any industries or contract tiers where reference is prohibited or restricted? - ---- - -## Reference Candidate A — Data Engineering Team (AWS) - -**This candidate is the preferred starting point** — the use case is already referenced (anonymously) in our sales materials, suggesting the customer may be open to expanded reference rights. - -### Customer Profile -- **Anonymized name:** "A data engineering team at a US-based enterprise" -- **Industry:** Data / analytics (exact vertical on file with CS) -- **Contact role:** Data Engineering Lead (name on file with CS) - -### What Was Deployed - -| Component | Detail | -|-----------|--------| -| **Platform** | Molecule AI Remote Workspaces | -| **Backend** | AWS (customer-managed EC2/ECS compute) | -| **MCP stack** | MCP-compatible data tools (specific integrations on file) | -| **Agent count** | [TBD — request from CS] | -| **Auth model** | Org-scoped API keys | - -### Use Case Summary - -The team deployed autonomous pipeline agents that run on their own AWS account. Raw data never touches the Molecule AI platform — the platform handles orchestration and coordination; agent compute runs in the customer's AWS environment. - -**Deployment model:** Remote Runtime (self-hosted compute, platform-managed orchestration) - -### Outcome - -> "A data engineering team is currently using this for a pipeline agent running in their own AWS account — raw data never touches the Molecule AI platform." -— Phase 30 Sales Enablement Materials - -*[CS to confirm: Is this quote attributable or directional? Can we publish this verbatim or paraphrase?]* - -### What We're Asking Legal to Approve - -**Minimum viable clearance (anonymous):** -- Publish use case description (anonymized: "a data engineering team at a US enterprise") -- Describe deployment model (Remote Runtime on AWS) -- Reference outcome (data residency advantage) -- **Do not** include company name, contact name, or specific metrics - -**Preferred clearance (named):** -- Named company + contact name + title -- Quote from contact (1–2 sentences) -- Specific outcome metric if available - -**If named clearance fails:** -- Approve anonymized version above -- Proceed with publication; revisit named clearance in Q2 - ---- - -## Reference Candidate B — Enterprise Platform Team (Governance) - -*To be surfaced by CS from pipeline contacts — see enterprise-case-study-pipeline-targeting-brief.md* - -| Field | Value | -|-------|-------| -| **Company** | [TBD — CS to identify from pipeline] | -| **Industry** | [TBD] | -| **Contact** | [TBD] | -| **Deployment** | [TBD] | -| **Use case** | Agent fleet governance, MCP plugin allowlists | -| **Outcome** | [TBD] | -| **Quote** | [TBD] | - -**CS action:** Identify 1–2 Tier 1 candidates from pipeline targeting brief. Route to Legal for clearance within 5 business days. - ---- - -## Reference Candidate C — Financial Services (Competitive Displacement) - -*Longer timeline — 6–8 weeks expected clearance. Start outreach now, plan for Q2 publication.* - -Matches CrewAI's confirmed enterprise profile (IBM, PwC, RBC). Highest competitive narrative value. Lowest near-term clearance probability. - -**CS action:** Identify any financial services or regulated enterprise contacts currently in active deployment (not pilot). Begin relationship-building for future case study. - ---- - -## Standard Contract Clause to Check - -*[Legal to confirm whether the following applies to relevant contract tiers:]* - -> **Reference Rights:** Customer agrees that Molecule AI may reference Customer's use of the Platform in marketing materials, including but not limited to: company name, contact name, use case description, and quoted statements. Molecule AI will obtain Customer's written approval before any public reference, which approval shall not be unreasonably withheld. - -*If this clause exists in the AWS data engineering team's contract, named reference may already be contractually pre-approved — Legal to confirm.* - ---- - -## Publication Channels - -Upon clearance, the approved content will be published to: -- Molecule AI website (case studies page) -- Phase 30 sales enablement materials (updated) -- GTM collateral (one-pager, competitive battlecard) -- LinkedIn / social (with customer approval for named attribution) - ---- - -## Timeline - -| Week | Action | -|------|--------| -| **Week 1** | CS identifies Tier 1 candidates; sends initial outreach | -| **Week 1–2** | Legal reviews reference rights clause; confirms minimum clearance path | -| **Week 2–4** | Customer calls; draft brief submitted to Marketing | -| **Week 3–5** | Legal reviews final brief; approves publication format | -| **Week 4–6** | Brief published; Phase 30 GTM collateral updated | - -**If named clearance fails:** Publish anonymized version at Week 4–5; revisit named at Q2. - ---- - -## Contact for This Request - -- **Marketing Lead:** [on file — GH#1405 assignee] -- **Research Lead:** [this brief] -- **CS escalation:** [CS team lead — to be identified] - ---- - -*Legal review requested by: Marketing Lead (GH#1405 owner)* -*Reference issue: GH#1405 — Ship 2–3 named enterprise case studies before Phase 30 GTM launch* diff --git a/research/enterprise-case-study-pipeline-targeting-brief.md b/research/enterprise-case-study-pipeline-targeting-brief.md deleted file mode 100644 index 0cd2abc1..00000000 --- a/research/enterprise-case-study-pipeline-targeting-brief.md +++ /dev/null @@ -1,104 +0,0 @@ -# Enterprise Case Study Pipeline Targeting Brief - -**Source:** GH#1398 CrewAI Enterprise Strategy + GH#1405 Enterprise Case Studies -**Author:** Research Lead -**Date:** 2026-04-21 -**Status:** DRAFT — for Sales/CS review - ---- - -## Purpose - -Identify which existing Molecule AI pipeline contacts to prioritize for enterprise case study reference clearance outreach. Based on: (1) CrewAI enterprise target verticals and roles, (2) Molecule AI's existing pipeline signals, (3) reference clearance likelihood by segment. - ---- - -## What We're Competing Against - -**CrewAI's 18 named enterprise logos** (GH#1398): -IBM, PwC, NTT DATA, PepsiCo, RBC, DocuSign + 12 others - -**CrewAI's target enterprise profile:** -- **Verticals:** Financial services, enterprise software, manufacturing, professional services -- **Roles:** VP Engineering, Director of Developer Productivity, Chief AI Officer, Head of Platform Engineering -- **Use case:** Multi-agent pipelines for internal tooling, code generation at scale, document processing, customer service automation -- **Deployment:** Dedicated VPC (AMP Factory), SSO-gated, enterprise procurement - ---- - -## Molecule AI's Counter-Positioning Advantage - -For each CrewAI target persona, identify Molecule AI's differentiation: - -| CrewAI Target | Molecule AI Advantage | Who to Approach | -|---------------|----------------------|-----------------| -| **VP Engineering / Platform** | Remote runtime: agent compute where data lives, not on CrewAI's cloud | Platform engineering leads with data residency concerns | -| **Director of Developer Productivity** | Org-scoped API keys + audit logs: governance without sacrificing autonomy | Dev productivity teams at regulated enterprises | -| **Head of AI / CAIO** | Multi-tenant SaaS: no infra to manage, A2A protocol works across fleet | AI offices evaluating build-vs-buy | -| **Enterprise Sales (inbound)** | Docker + Remote mixed fleet: same Canvas, same auth, two runtimes | Companies already running self-hosted AI infra | - ---- - -## Priority Outreach Segments - -### Tier 1 — Highest clearance likelihood, strongest narrative - -**1. Data engineering teams on AWS/GCP using Remote Workspaces** -- *Why:* Already referenced in Phase 30 sales enablement ("raw data never touches Molecule AI platform") -- *Use case:* Data pipeline agents, ETL automation, data processing -- *Deployment:* Remote Runtime (self-managed AWS/GCP compute) -- *Clearance likelihood:* HIGH — customer self-selected as security-conscious; likely contractually clear for technical reference -- *Approach:* Ask for technical reference call + use case quote. Anonymize if named clearance fails. - -**2. Enterprise platform teams evaluating AI governance** -- *Why:* Org-scoped API keys + audit logs are a differentiator vs. CrewAI's developer-tool model -- *Use case:* Agent fleet governance, MCP plugin allowlists, compliance reporting -- *Deployment:* Hybrid (Canvas + Remote) -- *Clearance likelihood:* MEDIUM-HIGH — governance buyers are often more comfortable with references - -**3. AI-first startups / mid-market companies with active dev teams** -- *Why:* Faster sales cycle, more likely to have named contacts willing to go on record -- *Use case:* Multi-agent development pipelines, autonomous code review, CI/CD integration -- *Deployment:* Molecule AI Cloud or self-hosted -- *Clearance likelihood:* MEDIUM — faster to close, but may lack enterprise legal process - -### Tier 2 — Valuable but harder to clear - -**4. Financial services / regulated enterprises (matching CrewAI's IBM/PwC/RBC profile)** -- *Why:* Same vertical as CrewAI's confirmed wins — strongest competitive displacement narrative -- *Use case:* Compliance automation, document processing, internal tooling -- *Clearance likelihood:* LOW in near term (FedRAMP, SOC 2, internal legal review) — start outreach now but expect 6–8 weeks - ---- - -## Recommended First Move - -**Approach the AWS data engineering team first** (Tier 1, #1 above): -- Anonymized reference already exists in sales materials — customer is presumably aware they may be referenced -- Technical use case is documented (pipeline agents, AWS, Remote Runtime) -- Self-selected for data security narrative — strongest Molecule AI proof point -- Clearance: start with CS contact asking for "technical reference call" before mentioning public use - -**Script for CS initial outreach:** -> "We're preparing a technical case study for our Phase 30 launch and we'd love to feature the work your team is doing with [use case]. This would be a short [named/anonymized — their choice] overview of what you deployed and the outcome. Legal clearance typically takes 2–3 weeks — we're starting now so we're ready for launch. Would your contact be open to a 20-minute call with our marketing team?" - ---- - -## What to Capture on the Call - -For each reference candidate, collect: -1. **Named customer** (company + contact name + title) OR explicit anonymization approval -2. **Use case:** What problem, what Molecule AI features, how many agents/users -3. **Deployment model:** Cloud / self-hosted / hybrid; backend infrastructure -4. **Outcome metric:** Even directional ("reduced X by ~70%") is useful -5. **Quote:** 1–2 sentences on what problem they solved and why they chose Molecule AI -6. **Approval:** Email confirmation from legal or contact for marketing to reference - ---- - -## Next Steps - -- [ ] CS to pull list of all pipeline contacts with "data engineering," "platform engineering," or "AI governance" in role/company description -- [ ] CS to identify which contacts are on AWS or have data residency requirements (highest fit) -- [ ] Draft outreach email template (use script above) -- [ ] Begin legal clearance process for Tier 1 candidate this week diff --git a/test-pmm-temp.txt b/test-pmm-temp.txt deleted file mode 100644 index 565257a8..00000000 --- a/test-pmm-temp.txt +++ /dev/null @@ -1 +0,0 @@ -test-pmm-1776890184 diff --git a/tick-reflections-temp.md b/tick-reflections-temp.md deleted file mode 100644 index a7de3c62..00000000 --- a/tick-reflections-temp.md +++ /dev/null @@ -1,66 +0,0 @@ -## 2026-04-21T01:50Z -- GH_TOKEN still invalid (~3 hours). All push/gh blocked. Read-only git works. -- PR #1036 SUPERSEDED: team merged PR #1154 (fix/ssrf-url-validate-redactSecrets-admin-memories) which includes my exact MCP fixes. The same bugs were fixed by another agent while my branch was blocked. -- Staging fast-forwarded to 742066c. Key merges: PR #1154 (SSRF + redactSecrets), PR #1168 (bootstrap-failed-and-console-proxy), PR #1184 (main promo), PR #1181 (staging promo). -- SSRF test bug STILL EXISTS in staging (ssrf_test.go lines 62-63). My fix/ssrf-test-localhost branch has the fix (dac62fb). Will open PR when GH_TOKEN refreshes. -- Key insight: when a team agent merges my same fixes while my PR is blocked, my branch becomes redundant. Verify staging doesn't already have the fix before preparing a new PR. - -## 2026-04-21T02:50Z -- GH_TOKEN RESTORED! Was invalid ~5 hours. Fixed by clearing x-access-token URL rewrites from git config, then using token directly in remote URL. -- Pushed feat/memory-inspector-panel (force-push, cd8a1eb) — triggered CI on PR #1127. CI running but queued. -- Pushed fix/ssrf-test-localhost (dac62fb) — opened PR #1192. CI running. -- Closed PR #1036 (fix/mcp-type-assertions-ws-url-redaction) — was already superseded by PR #1154. -- PR #1032 was ALREADY MERGED (confirmed via gh), not just "open". No action needed. -- Reviewed PR #1194 (CI runner contention fix): moves changes detection to ubuntu-latest, adds concurrency cancel. Looks good. -- CI queue is backed up — multiple parallel runs, self-hosted runner contention. My branches show 11+ min queue time. -- Issue #1079 (unchecked ExecContext in scheduler panic defer): staging's PR #1166 merged fix, but ExecContext errors are still unchecked in both panic defers. Issue correctly flags this. Consider a follow-up if bandwidth allows. -- Remote set to internal repo after fix. Internal pull clean (up to date). - -## 2026-04-21T03:15Z -- GH_TOKEN rotated AGAIN (ghs_72vTK7i6SRp6ujioy7Z0zThpuee7vO4JNHvU). Updated all git remotes (molecule-core, internal). -- CI pipeline STALLED: 0 runs in_progress across the org. My runs queued 41+ min with no runner assignment. updated_at=null on Detect changes job. -- Runners recovered at ~01:57 UTC (staging runs completing). My runs haven't cleared yet. -- feat/memory-inspector-panel (run #24699254842): queued 41 min, Detect changes never started. -- fix/ssrf-test-localhost (run #24698152165): queued 1h19m. -- Reviewed PRs #1194, #1019, #1018, #1009. Issue #1079 (unchecked ExecContext) identified. -- PRs #1036 closed, #1032 confirmed merged. - -## 2026-04-21T03:40Z -- GH_TOKEN rotated AGAIN (ghs_3rjPXOqVm3WNZ692xwQkVxE3sWLtsd2sd39D). 4th rotation in ~3h. -- Internal repo reset to origin/main (9cd98f7) after conflict with external agent push. -- CI still stalled: feat/memory-inspector-panel run #24699254842 queued 59 min, updated_at=null. -- fix/ssrf-test-localhost queued 1h34m, same. -- Queue analysis: ~300 runs across 3 pages. My runs at page 2 position ~100. Newer runs (02:20+) at page 1 top. Only 1-2 active runners. -- Reviewed PRs #1222, #1221, #1217 — all look good. -- PRs #1036 closed, #1032 confirmed merged. No further PR review opportunities. - -## 2026-04-21T04:00Z -- GH_TOKEN restored (ghs_EerpGUdxLFRqZqTEwoMtWZrdPZfXIP1wSrNa). 5th rotation. -- PR #1127 ALREADY MERGED (head=9201179, confirmed via gh). feat/memory-inspector-panel branch done. -- SSRF test fix (dac62fb, wantErr:true for localhost cases) exists only in molecule-core fix/ssrf-test-localhost branch (NOT in internal repo OR molecule-core staging/main). Created PR #1240 against staging. -- Internal repo reset to origin/main (c5b8260) — another agent's tick overwrote mine (60f0e3e lost). The ssrf_test.go file does NOT exist in origin/main (695588b not in ancestry). Internal repo has no SSRF-related branches or PRs. -- PR #1239 reviewed (org_id in Gin context for org-token callers): small, well-scoped. Can't approve (own PR). -- CI queue: 73 queued, 0 in_progress. New runs (02:50+) being processed. My PR #1240 CI queued ~02:57. -- Git remotes updated with new token for both repos. - -## 2026-04-21T04:10Z -- PR #1240 (SSRF test fix) — MERGED ✓. CI run #24701644710 success at 02:57Z. -- Open PRs on molecule-core: - - #1244 (fix/f1089-fireschedule-update-ctx): follow-up to #1241, dedicated context for post-fire UPDATE. CI queued ~03:04Z. - - #1243 (fix/canvas-timer-state-orgs-page): eliminate flaky timer state. CI queued ~03:02Z. - - #1242 (fix/ci-runner-queue-contention): removes ci.yml concurrency, adds codeql.yml concurrency. CI run failed (workflow file issue). Another agent's PR. - - #1241 (fix/f1089-scheduler-ctx-fix-main): context.Background() in panic-recovery defer UPDATE. CI queued ~02:58Z. -- CI queue: 52 queued, 0 in_progress. Runners active (3 SUCCESS runs since 02:56Z). My old queued runs still stuck, newer runs getting picked up within minutes. -- GH_TOKEN: ghs_EerpGUdxLFRqZqTEwoMtWZrdPZfXIP1wSrNa. Still working. -- Internal repo: up to date at 58769bb. -- Issue #1062 (113 golangci-lint errcheck errors): PR #1229 merged (artifacts resp.Body.Close fix). Need to check remaining count. - -## 2026-04-21T04:25Z -- GH_TOKEN rotated (ghs_N7FohgCWrBpUQvR0qP4530cc4ZvpTJ17P8QF). 6th rotation. Remotes updated for both repos. -- PR #1240 confirmed MERGED (SSRF test fix). -- Open PRs: #1247 (sed regression fix — `$1` literal in 7 files, in flight), #1248 (CI yaml corruption fix — restores concurrency, OPEN). Both CI still running. -- CI queue: 53 queued, 0 in_progress. 2 success runs since 03:00Z. Runners slow but active. -- Feat/memory-inspector-panel branch (cd8a1eb) — PR merged, branch is stale. Could clean up but not critical. -- Internal repo main forced-updated again (273674d instead of 58769bb). Another agent is writing over my ticks consistently. -- No unassigned issues for my area. Issue #1245 (sed regression, CRITICAL) is being handled by PR #1247 (another agent's branch fix/sed-regression-1245). -- Checked molecule-core staging (5831b4e) and main (273674d) — docs-focused updates. \ No newline at end of file