diff --git a/docs/ecosystem-watch.md b/docs/ecosystem-watch.md index b0dfbfb1..8f6894df 100644 --- a/docs/ecosystem-watch.md +++ b/docs/ecosystem-watch.md @@ -72,6 +72,9 @@ Track competitor releases and market events that affect Phase 30 positioning. En | Date | Event | Competitor | PMM Action | |------|-------|-----------|------------| | 2026-03-12 | **A2A v1.0 officially shipped** — LF, 23.3k stars, 5 official SDKs, 383 community implementations | Linux Foundation / ecosystem | A2A v1.0 is standardized — Molecule AI's native A2A is now a reference implementation story (issue #1286). Position as canonical hosted reference before AWS/GCP/Azure absorb it. | +| 2026-04-23 | **LangGraph PR verification ✅:** #6645, #7113, #7205 still OPEN as of 2026-04-23T17:38Z. A2A native support still in-progress; Molecule AI "live today" positioning intact. Battlecard v0.3 LangGraph counter accurate. | PMM | Confirmed OPEN — moat intact | +| 2026-04-23 | **New feat PRs merged:** #1731 (sweepPhantomBusy — infra reliability), #1730 (45-min gh-token refresh daemon — fixes 60-min git 401 in long sessions), #1702 (SSH-backed file writes for SaaS — fixes 500 on file PUT for SaaS customers). Briefs at launches/pr-1702-*.md and pr-1730-*.md. Release note at blog/2026-04-23-saas-file-api-fix.md. | PMM | All assessed; #1702 most urgent (P1 regression). #1730 routed as reliability improvement. | +| 2026-04-22 | LangGraph PR verification deferred: GH API 401 for external repos. LangGraph PRs #6645, #7113, #7205 still VERIFY. A2A blog uses PR#6645 as governance-gap evidence — if PRs merged, blog claim is stale. | PMM | GH API 401 for external repos — cannot verify | | 2026-04-21 | Battlecard v0.3 shipped — added A2A live-today vs LangGraph in-progress side-by-side table; LangGraph counters updated to lead with live production status; buyer bottom line added | PMM | Battlecard updated within same cycle as ecosystem check | | 2026-04-21 | LangGraph PR verification: #6645, #7113, #7205 not found in langchain-ai/langgraph open PR list. Possible merge, close, or re-number. **PMM action:** ecosystem-watch updated with VERIFY flags. Battlecard v0.3 LangGraph status is stale until re-verified. | PMM | | 2026-04-20 | Chrome DevTools MCP shipped — browser automation now standard MCP tool | MCP ecosystem | Positioned as governance story, not browser story. | @@ -81,12 +84,12 @@ Track competitor releases and market events that affect Phase 30 positioning. En ## Competitor Feature Tracker ### LangGraph -- A2A support: **VERIFY** — PRs #6645, #7113, #7205 not found as open PRs in langchain-ai/langgraph. Either merged/closed or re-numbered. Requires manual re-check. Last confirmed: 2026-04-21 cycle. +- A2A support: **OPEN** — PRs #6645, #7113, #7205 still OPEN in langchain-ai/langgraph as of 2026-04-23T17:38Z. Live production claim intact. Expected GA: Q2-Q3 2026. - Graph orchestration: ✅ Live - HiTL workflows: **VERIFY** — recent streaming and subgraph PRs (#7559, #7550) do not appear to be HiTL; re-verify - Self-hosted enterprise: ❌ SaaS-only via LangGraph Studio - Marketplace: ❌ None -- Source: GitHub langchain-ai/langgraph (verified 2026-04-21 20:35Z) — PRs #6645, #7113, #7205 not found. Recommend manual re-check. +- Source: GitHub langchain-ai/langgraph (verified 2026-04-23 17:38Z) — PRs #6645, #7113, #7205 confirmed OPEN. ### CrewAI - External agent support: ✅ Secondary path @@ -115,7 +118,7 @@ Track competitor releases and market events that affect Phase 30 positioning. En - **Check frequency:** Every marketing cycle - **Trigger:** Any competitor shipping something that invalidates a Phase 30 positioning claim - **File location:** `docs/ecosystem-watch.md` (origin/main) -- **Last updated by:** PMM | 2026-04-21 +- **Last updated by:** PMM | 2026-04-23 (LangGraph PRs verified OPEN; new feat PRs #1730/#1702/#1731 logged; release note written) --- diff --git a/docs/marketing/blog/2026-04-23-saas-file-api-fix.md b/docs/marketing/blog/2026-04-23-saas-file-api-fix.md new file mode 100644 index 00000000..a59376fc --- /dev/null +++ b/docs/marketing/blog/2026-04-23-saas-file-api-fix.md @@ -0,0 +1,44 @@ +# SaaS Workspaces Now Support Full File API — SSH-Backed Writes Land Today + +**Status:** Live — merged 2026-04-23 +**PR:** [#1702](https://github.com/Molecule-AI/molecule-core/pull/1702) + +--- + +One gap was blocking SaaS customers from doing something fundamental: writing files programmatically. + +When you called `PUT /workspaces/:id/files/config.yaml` from a SaaS (EC2-backed) workspace, you got a 500. `failed to write file: docker not available`. The file API existed, but only for self-hosted Docker deployments. SaaS workspaces — the ones running on real EC2 VMs — had no path to write. + +That changes today. + +## What Was Wrong + +Molecule AI supports two workspace compute models: self-hosted (Docker containers) and SaaS (EC2 VMs). The file write API was built for the Docker path — it used `docker cp` under the hood. SaaS workspaces don't have Docker. There was no fallback, so every API write failed silently. + +This wasn't a permissions issue or a timeout. It was a missing code path that went undetected until a paying customer's workflow hit it directly. + +## What's Fixed + +The file write API now detects which compute model is in use and routes accordingly: + +- **Self-hosted (Docker):** Unchanged — `docker cp` path still used +- **SaaS (EC2):** Routes through EC2 Instance Connect (EIC) — the same ephemeral-keypair SSH flow that powers the Terminal tab in the Canvas + +The remote write uses `install -m 0644 /dev/stdin ` for an atomic write that creates missing parent directories. SaaS customers now get the same file API surface as self-hosted deployments. + +## Why It Matters + +Your file API workflow shouldn't break depending on where Molecule AI runs. Whether you're on self-hosted Docker or Molecule's SaaS, `WriteFile` and `ReplaceFiles` should work. They do now. + +**Try it:** +```bash +curl -X PUT https://your-workspace.moleculesai.app/workspaces/:id/files/config.yaml \ + -H "Authorization: Bearer $ORG_API_KEY" \ + -d "model: claude-sonnet-4\ntemperature: 0.7" +``` + +File API. Now everywhere Molecule AI runs. + +--- + +*Found a bug or have a feature request? Open an issue at [github.com/Molecule-AI/molecule-core](https://github.com/Molecule-AI/molecule-core).* diff --git a/docs/marketing/briefs/2026-04-23-pr1686-tool-trace-platform-instructions-positioning.md b/docs/marketing/briefs/2026-04-23-pr1686-tool-trace-platform-instructions-positioning.md new file mode 100644 index 00000000..528f00ac --- /dev/null +++ b/docs/marketing/briefs/2026-04-23-pr1686-tool-trace-platform-instructions-positioning.md @@ -0,0 +1,82 @@ +# PR #1686 Positioning Brief: Tool Trace + Platform Instructions + +**Source:** PR #1686 — `feat: tool trace + platform instructions` +**Date:** 2026-04-23 +**Author:** PMM +**Status:** Draft — for internal review before announcement + +--- + +## Target Buyer + +**Primary:** Platform Engineering / DevOps leads (80% of value) +**Secondary:** Enterprise IT / Security Governance leads (Platform Instructions) + +Platform teams own the agent runtime and are the first to get paged when an agent goes off-script. They need built-in observability, not bolt-on stitching. Enterprise IT and compliance teams care about the governance angle — system-prompt rules that enforce behavior before an agent runs, not after it has already done something unintended. + +--- + +## Primary Value Prop + +> **Tool Trace** gives every A2A response a complete, run_id-paired execution record — so platform teams can trace what every agent actually did, without wiring up a third-party SDK. + +> **Platform Instructions** lets workspace admins enforce system-prompt rules at startup — so governance happens before the agent runs, not after an incident. + +--- + +## Competitive Angle + +**vs. Langfuse / Helicone / separate observability pipelines:** +Third-party LLM observability tools require instrumentation in every agent: SDK installs, API key management, proxy configuration, and a separate vendor relationship. Tool Trace ships the execution record inside every A2A message and stores it in `activity_logs` — no extra pipeline, no separate pane of glass. For teams already on Molecule, it's zero-lift observability. + +Langfuse/Helicone remain stronger for *cross-platform, multi-model* observability (tracking OpenAI + Anthropic + self-hosted in one view). That's not Molecule's fight. The positioning here is: "If you're already running agents on Molecule, you already have enterprise-grade trace — turn it on, don't integrate it." + +**vs. Hermes native tool tracing:** +Hermes traces individual model calls. Tool Trace traces *agent behavior* — the A2A-level sequence of tool calls and responses across the full task lifecycle. Different layer of the stack. Tool Trace is additive, not competitive. + +**vs. policy-as-code tools (OPA, Sentinel):** +Platform Instructions enforces behavioral guardrails at the system-prompt level. Policy engines enforce runtime resource access. They complement; Platform Instructions is earlier in the chain (pre-execution vs. during-execution). + +--- + +## Key Differentiator + +Tool Trace and Platform Instructions are **platform-native** — not plugins, not third-party SDKs, not configuration-as-code you have to maintain. They live where the agent runs: inside the workspace startup path and inside every A2A message envelope. There's nothing to install, no API key to rotate, no version drift to manage when the agent framework updates. + +Third-party observability and governance tooling always has a lag between "agent framework ships a new behavior" and "our integration captures it." Native trace and prompt-level instructions have no lag — they are the platform. + +--- + +## Objection Handlers + +**O1: "We already use Datadog / Langfuse / Splunk for this."** +That's fine for cross-platform, multi-model environments. Tool Trace captures *A2A-level* agent behavior — tool calls, input/output previews, run_id-paired sequences — that generic LLM observability pipelines typically miss or flatten. Think of it as your Molecule-specific layer inside your existing observability stack. It doesn't replace Datadog; it enriches it. + +**O2: "Why enforce system-prompt rules at the platform level instead of in code?"** +Because code changes require a deployment, and governance that requires a deployment is governance that only happens at the next release cycle. Platform Instructions are workspace-scoped rules that take effect at startup — a platform team or IT admin can update agent behavior without touching application code or triggering a redeploy. Speed of governance matters. + +--- + +## Overlap / Conflict Notes + +| Existing Feature | Relationship | +|-----------------|--------------| +| Org-scoped API keys (#1105) | Different layer: API key auth vs. agent behavior/prompt. Tool Trace traces what agents *do* with the keys; org keys control *who gets* the keys. Not cannibalization — complementary. | +| Audit trail visualization panel (#759) | Tool Trace is the raw execution record; the audit trail panel is the compliance UI on top of it. Tool Trace feeds the audit trail. Not competitive — dependency. | +| Snapshot secret scrubber (#977) | Both platform observability. Secret scrubber is about data posture; Tool Trace is about behavior. No conflict. | + +**Cannibalization risk: LOW.** Tool Trace and Platform Instructions occupy the observability/governance vertical that existing features touch from different angles — no direct overlap, strong adjacency. + +--- + +## CTA + +**For platform teams:** "Enable activity log tracing for your workspace — every A2A task now has a complete execution record, no SDK required." +**For enterprise IT:** "Set workspace-level system prompt rules to enforce behavioral guardrails before agents run. No code deploy required." +**Combined anchor:** "Molecule gives you observability and governance as platform primitives — not afterthought integrations." + +--- + +## Recommended Announcement Angle + +Lead with the platform-native story, not the feature list. The headline is: *"Molecule agents now come with built-in execution tracing and governance — nothing to integrate."* Avoid leading with "Tool Trace" as a feature name in top-level copy; use "execution tracing" or "agent observability" for broader appeal. diff --git a/docs/marketing/briefs/cloudflare-artifacts-positioning.md b/docs/marketing/briefs/cloudflare-artifacts-positioning.md new file mode 100644 index 00000000..1919bfbb --- /dev/null +++ b/docs/marketing/briefs/cloudflare-artifacts-positioning.md @@ -0,0 +1,115 @@ +# Cloudflare Artifacts — PMM Positioning Brief +**Source:** PR #641, merged 2026-04-17 | Blog: `docs/marketing/blog/2026-04-21-cloudflare-artifacts-integration.md` +**Issue:** #1174 | **Status:** PMM DRAFT | **Date:** 2026-04-23 +**Owner:** PMM | **Blocking:** none — feature shipped, ready for social + +--- + +## Positioning Decision + +**Use "Git for agents" as the headline metaphor — with qualification.** + +Cloudflare's own beta announcement uses "Git for agents." It's the right hook because developers immediately understand what it means and why it matters. Leading with it is accurate and immediately differentiating. + +The qualification: this is Git *plus* the agent primitives that make it agent-native. Automated commits (no human in the loop), API-first branching, ephemeral short-lived credentials, canvas-native integration. It's not Git with a chat interface — it's version control designed for stateless agents. + +**Recommended headline:** "Give your agents a Git history — without touching a terminal." + +--- + +## Buyer Profile + +**Primary:** Platform engineers and DevOps leads evaluating AI agent platforms. They have agents running in production, they're managing agent state manually or not at all, and they need version control they can instrument. They're not necessarily Git experts — they're the people who inherited the AI agent rollout. + +**Secondary:** Enterprise security and compliance teams. They need audit trails on agent actions. A versioned snapshot system with immutable commits is a concrete answer to "what did the agent change?" — without requiring agents to write human-readable commit messages. + +**Not the audience:** Developers who want Git workflows in their own IDE. This isn't replacing GitHub for human developers — it's giving agents a version history that humans can audit and roll back. + +--- + +## Use Cases + +### Use Case 1: Multi-agent pipelines without manual handoff +Two agents, same task. Agent A writes a feature branch. Agent B reviews and approves. You merge. No Slack threads asking "did the research agent finish?" No copy-pasting outputs between workspaces. + +### Use case 2: Crash recovery without starting over +An agent crashes mid-task. With versioned snapshots, the last checkpoint is a Git commit. The next agent to pick up the task starts from a diff, not a blank workspace. + +### Use case 3: Experimentation without risk +Agents trying something risky can fork a branch first. If it fails, delete the fork. The main branch is clean. No "oops, can you revert that?" in the team Slack. + +--- + +## Top 2 Buyer Objections + +### Objection 1: "Why not just use GitHub? Agents can call `git commit`" +**Likely buyer:** Platform engineers with existing GitOps workflows. + +**The problem with this objection:** `git commit` requires a Git repo on disk, human-readable messages, and a human in the loop to resolve conflicts. Agents don't naturally produce well-structured commits. And "just use GitHub" means agents need credentials, network access, and a configured remote — which creates a dependency you have to manage. + +**Recommended response:** +Git was designed for humans. Agents need version control that works without a human in the commit loop — automatic snapshots, API-first branching, ephemeral credentials that never get stored. Cloudflare Artifacts gives agents their own versioned storage without requiring Git credentials on every agent instance. The four API operations (`POST /artifacts/repos`, `fork`, `import`, `tokens`) are agent-native — no terminal, no commit messages, no credential management. + +If you want agents to contribute to a shared Git repo, they can — `POST /artifacts/repos/:name/import` bootstraps from any Git URL. But they don't need to in order to have a useful version history. + +--- + +### Objection 2: "Cloudflare Artifacts is in beta — we can't bet production infrastructure on a beta service" +**Likely buyer:** Enterprise ops leads, security teams. + +**The problem with this objection:** The risk is real but the framing is wrong. Cloudflare Artifacts is beta on Cloudflare's side, but the integration inside Molecule AI is designed to fail gracefully — if Artifacts is unavailable, agents fall back to local workspace state. The version history is an enhancement, not a hard dependency. + +**Recommended response:** +The feature is additive, not a hard dependency. If Cloudflare Artifacts is unavailable, agents continue working with local filesystem state — no outage, no degraded mode. Cloudflare is a large, stable infrastructure provider with a documented beta SLA. For teams that need production guarantees, this is worth evaluating alongside the rest of the Cloudflare Workers ecosystem. If Cloudflare Artifacts goes GA, the integration is already live. + +--- + +## GA Status + +**Feature is shipped (PR #641 merged 2026-04-17).** + +Cloudflare Artifacts is in public beta on Cloudflare's side. Molecule AI's integration is live. The feature is available to users with a Cloudflare API token and Artifacts namespace configured. + +**No separate GA date needed from Molecule AI's side** — the integration doesn't have its own launch milestone, it's a feature within the existing platform. Social copy can proceed without a GA date announcement. + +**Caveat:** If Cloudflare promotes Artifacts from beta, the messaging should shift from "Git for agents (beta)" to "Git for agents — now GA." Track Cloudflare's announcement channel for Artifacts GA. + +--- + +## Competitive Angle + +**No other AI agent platform has a Cloudflare Artifacts integration as of 2026-04-17.** This is a first-mover claim. Verify before publishing — if a competitor ships before the launch post goes live, update to "first to integrate" rather than "only platform with." + +Monitor: LangGraph, CrewAI, AutoGen GitHub repos for Artifacts or CF Workers integration commits. + +--- + +## Collateral Status + +| Asset | Owner | Status | +|-------|-------|--------| +| Blog post | Content Marketer | Shipped (2026-04-21) | +| Social launch thread | Social Media Brand | Blocked on brief (this doc) | +| DevRel demo | DevRel Engineer | Unknown | +| Docs page | DevRel | Shipped (`docs/guides/cloudflare-artifacts`) | +| Battlecard entry | PMM | Add to Phase 34 battlecard | + +--- + +## Recommended Social Angle (for Social Media Brand) + +Thread opener: "Your AI agent just deleted three hours of work. Here's why that doesn't have to happen again." + +Lead with the pain story. The technology is the answer, not the hook. Close with the CTA to the blog post. + +--- + +## Update Triggers + +- Cloudflare Artifacts GA announced → update from "beta" to "GA" framing +- Any competitor ships Cloudflare Artifacts integration → update competitive claim to "first to integrate" +- PR or issue filed about Artifacts user experience → update objections section + +--- + +*PMM draft 2026-04-23 — ready for Social Media Brand* diff --git a/docs/marketing/briefs/phase34-messaging-matrix.md b/docs/marketing/briefs/phase34-messaging-matrix.md new file mode 100644 index 00000000..20730d2f --- /dev/null +++ b/docs/marketing/briefs/phase34-messaging-matrix.md @@ -0,0 +1,100 @@ +# Phase 34 — Taglines + Messaging Matrix +**Feature group:** Partner API Keys, Tool Trace, Platform Instructions, SaaS Federation v2 +**GA date:** April 30, 2026 +**Owner:** PMM | **Status:** INTERNAL DRAFT +**Last updated:** 2026-04-23 + +--- + +## 3 Candidate Taglines + +### Tagline A — Production-grade (emphasizes enterprise reliability) +> **"Production-grade AI agents. Nothing to bolt on."** + +**Use for:** Press releases, homepage hero, paid placements, enterprise sales decks. +**Why it works:** Directly addresses the enterprise buyer's #1 objection — "this is great for prototypes but can I run it in production?" — without overclaiming features. "Nothing to bolt on" is a dig at competitors (LangGraph, CrewAI) that require Langfuse, Helicone, or custom observability pipelines. + +--- + +### Tagline B — Observability/visibility (emphasizes transparency) +> **"See exactly what your AI agents did. Every tool. Every call. Every time."** + +**Use for:** DevOps-focused channels, technical blog intros, SOC 2 / compliance audience, tool trace launch announcement. +**Why it works:** Speaks directly to the platform engineering persona — the person who gets paged at 2am when something breaks. "Every tool. Every call. Every time." is specific and falsifiable, which builds credibility with technical audiences. It names the feature (Tool Trace) without making it a product name. + +--- + +### Tagline C — Aspirational (emphasizes enterprise enablement) +> **"Your AI fleet. Your rules. Your cloud."** + +**Use for:** LinkedIn, enterprise social, brand campaigns, vision statements. +**Why it works:** Three short declarative sentences that speak to three distinct buyer anxieties: managing at scale ("fleet"), controlling behavior ("rules"), and infrastructure autonomy ("your cloud"). Works for Platform Instructions, Partner API Keys, and SaaS Federation v2 simultaneously — it's a Phase 34 group tagline, not a single-feature tagline. + +--- + +## Messaging Matrix — 4 Features + +--- + +### Feature 1: Partner API Keys (`mol_pk_*`) + +| | | +|--|--| +| **Pain it solves** | Partner platforms, CI/CD pipelines, and marketplace resellers cannot programmatically provision or manage Molecule AI orgs — they must use browser sessions or build custom integrations from scratch. This makes Molecule AI unembeddable for any platform that wants to offer agent orchestration as a feature. | +| **Who cares** | Platform integrations engineers, DevRel leads building partner ecosystems, CI/CD DevOps teams, marketplace listing owners (AWS/GCP Marketplace) | +| **One-liner** | Programmatic org provisioning via API — no browser required, no manual handoff. | +| **Proof point** | `POST /cp/admin/partner-keys` creates a fully configured org with one API call. Keys are scoped to the org they create, rate-limited, revocable with `DELETE /cp/admin/partner-keys/:id`. Ephemeral CI test orgs: `POST` → run tests → `DELETE` → clean billing. | +| **HN/Reddit framing** | "Molecule AI now lets partners provision orgs via API — the same week Acme Corp [design partner, placeholder] ships their integration." Do NOT claim GA. Use "beta" or "now available." | +| **What to soft-pedal** | Specific partner tiers and pricing (PM not confirmed). Marketplace billing integration status (PM to confirm). Do not mention "Acme Corp" in published copy. | + +--- + +### Feature 2: Tool Trace + +| | | +|--|--| +| **Pain it solves** | When an agent breaks in production, teams have no structured record of what it did — only the final output. Reverse-engineering from outputs is slow, error-prone, and impossible to automate. Third-party observability tools (Langfuse, Helicone, Datadog) miss A2A-level agent behavior and require SDK instrumentation. | +| **Who cares** | Platform engineers, DevOps leads, SREs, enterprise IT debugging production incidents | +| **One-liner** | Built-in execution tracing for every A2A task — no SDK, no sidecar, no sampling. | +| **Proof point** | `tool_trace[]` in every `Message.metadata` — array of `{tool, input, output_preview, run_id}` entries. Entries written to `activity_logs.tool_trace` as JSONB. run_id pairs concurrent calls so parallel traces don't merge. Platform-native: ships with the A2A response, no instrumentation required. | +| **HN/Reddit framing** | Lead with the developer experience: "Tool Trace ships today in Molecule AI. Every agent turn now includes a structured record of every tool called — inputs, output previews, run_id-paired for parallel calls." Be honest: this is a beta feature. | +| **What to soft-pedal** | Technical implementation details (run_id pairing schema, JSONB storage format). Overlap with Langfuse/Helicone — frame as complementary, not competitive. | + +--- + +### Feature 3: Platform Instructions + +| | | +|--|--| +| **Pain it solves** | Agent governance that only filters outputs after the agent has already acted is governance that failed. Enterprise IT and compliance teams need to shape agent behavior *before* the first token is generated — without requiring a code change or deployment. | +| **Who cares** | Enterprise IT, Security/Compliance leads, Platform Engineering, CISO office | +| **One-liner** | Enforce org-wide agent governance at the system prompt level — before the first turn, not after an incident. | +| **Proof point** | Platform Instructions prepends workspace-scoped rules to the system prompt at startup. Two scopes: global (every workspace in the org) and workspace-specific. Rules take effect before the first agent turn — not after. Policy update requires no code deploy, no agent restart, no application change. | +| **HN/Reddit framing** | Frame as "the missing governance layer for production agents." Avoid overclaiming compliance certifications. Do not compare directly to OPA/Sentinel — say "complements runtime policy engines" not "replaces them." | +| **What to soft-pedal** | Overlap with the existing audit trail panel (Issue #759) — they are complementary (Tool Trace feeds the audit trail). Don't let buyers think they have to choose. Specific policy examples until PM confirms which are GA-ready. | + +--- + +### Feature 4: SaaS Federation v2 + +| | | +|--|--| +| **Pain it solves** | Enterprises and marketplaces that need to offer agent orchestration to multiple end-customers (tenants) cannot do so safely with a single-tenant architecture: cross-tenant data isolation, centralized billing, org-level access control, and per-tenant audit trails are all required for enterprise procurement. | +| **Who cares** | Enterprise procurement, IT procurement teams, marketplace operators, SaaS resellers, multi-tenant ISVs | +| **One-liner** | Multi-tenant agent platform with cross-tenant isolation, centralized billing, and org-level governance — built for enterprises and marketplaces. | +| **Proof point** | SaaS Federation v2 tutorial at `docs/tutorials/saas-federation` (PR #1613). Org-scoped keys + control plane boundary. Isolated per-tenant workspaces with centralized admin view. | +| **HN/Reddit framing** | ⚠️ **WARNING:** SaaS Federation v2 is listed in Issue #1836 as a Phase 34 feature, but no PMM positioning brief or blog post exists for it yet. Do NOT draft community copy for this feature until PM confirms: (a) what it actually ships, (b) the GA/beta/alpha label, and (c) the primary use case narrative. Current content gap — not ready for external copy. | +| **What to soft-pedal** | Until PM confirms details, do not publish any claims about SaaS Federation v2. | + +--- + +## Feature Cross-Sell Angles + +**Phase 30 → Phase 34 linkage (for sellers):** +> "Phase 30 shipped per-workspace auth tokens (`mol_ws_*`). Phase 34 ships partner-level keys (`mol_pk_*`). Together, Molecule AI is the only platform with workspace-level isolation *and* partner-level scoping — enterprise-ready from day one." + +**Governance stack (Platform Instructions + Tool Trace):** +> "Platform Instructions shapes what agents do *before* they run. Tool Trace records what they did *after*. Together: governance before, observability after. Nothing leaves production unaccounted for." + +**Partner platform stack (Partner API Keys + SaaS Federation v2 + Platform Instructions):** +> "Provision tenants via API. Isolate them in a multi-tenant control plane. Govern their behavior at the system prompt level. Revoke access in one call. That's a complete partner platform — not a collection of features." diff --git a/docs/marketing/briefs/phase34-positioning.md b/docs/marketing/briefs/phase34-positioning.md new file mode 100644 index 00000000..db0ab24d --- /dev/null +++ b/docs/marketing/briefs/phase34-positioning.md @@ -0,0 +1,87 @@ +# Phase 34 — Positioning One-Pager +**Feature group:** Partner API Keys, Tool Trace, Platform Instructions, SaaS Federation v2 +**GA date:** April 30, 2026 +**Status:** INTERNAL DRAFT — for PMM review and press kit use +**Owner:** PMM +**Last updated:** 2026-04-23 + +--- + +## One-Sentence Positioning Statement + +Molecule AI Phase 34 gives enterprise teams the platform-native primitives — programmable access, built-in observability, and pre-execution governance — required to run AI agents in production, without the bolt-on integrations that add latency, maintenance burden, and security gaps. + +--- + +## Target Audience + +| | Role | What they care about | +|--|------|----------------------| +| **Primary** | Platform Engineering / DevOps leads | Shipping reliable agent infrastructure: observability, CI/CD integration, multi-environment support | +| **Primary** | Enterprise IT / Security Governance | Controlling agent behavior before it happens: policy enforcement, audit trails, compliance | +| **Secondary** | Partner / Marketplace integrations engineers | Embedding Molecule AI as the orchestration layer for their platform or marketplace | +| **Secondary** | Developer advocates / DevRel | Demonstrating enterprise-grade capabilities to prospective enterprise buyers | + +--- + +## Problem We Solve + +Enterprise teams adopting AI agents face three compounding failures at once: + +1. **Observability gaps** — Agents run and produce outputs, but teams have no structured record of *what the agent actually did*: which tools it called, with what inputs, in what order. Debugging is reverse-engineering from outputs. Cross-platform observability (Langfuse, Datadog) adds a pipeline but misses A2A-level agent behavior. + +2. **Governance gaps** — Agent behavior policies are enforced *after* the agent has already acted — filtering outputs, blocking writes post-hoc. Governance that only works after the fact is governance that failed. Enterprise IT and compliance teams need controls that shape behavior *before* the first token is generated. + +3. **Integration gaps** — Platforms that want to embed agent orchestration programmatically face a choice between building it themselves (months of work) or using browser sessions (brittle, non-programmatic). CI/CD teams need ephemeral test orgs per PR. Neither is solved by existing agent platforms. + +--- + +## Our Solution — Phase 34 Angle + +Phase 34 ships four features that address each failure at the platform layer — not as integrations, not as SDKs, not as post-hoc configuration: + +- **Partner API Keys** (`mol_pk_*`) — Scoped, revocable API tokens that let partner platforms, CI/CD pipelines, and marketplace resellers programmatically provision and manage Molecule AI orgs. No browser. No manual handoff. +- **Tool Trace** — `tool_trace[]` in every A2A `Message.metadata`. A structured, run_id-paired execution record: tool name, inputs, output previews, timing. No SDK, no sidecar, no sampling. +- **Platform Instructions** — Workspace-scoped system prompt rules that take effect at startup. Governance happens before the first turn, not after an incident. +- **SaaS Federation v2** — Multi-tenant control plane architecture: isolated orgs, cross-tenant guardrails, centralized billing for enterprise and marketplace deployments. + +**The Phase 34 angle:** These four features work together. A partner platform provisions an org via Partner API Keys, configures Platform Instructions for their tenants, gets full observability via Tool Trace, and operates it all inside a SaaS Federation v2 multi-tenant control plane. This is a coherent enterprise stack — not four unrelated features. + +--- + +## Key Differentiators vs. Competitors + +| Differentiator | LangGraph Cloud | CrewAI | Molecule AI Phase 34 | +|---------------|----------------|--------|----------------------| +| Built-in agent observability (no SDK) | ❌ | ❌ | **✅ Tool Trace** | +| Pre-execution governance (system prompt level) | ❌ | ❌ | **✅ Platform Instructions** | +| Programmatic partner org provisioning | ❌ (seat licensing only) | ❌ (marketplace listing only) | **✅ Partner API Keys** | +| CI/CD-native ephemeral orgs | ❌ | ❌ | **✅ Partner API Keys + CI/CD example** | +| Multi-tenant SaaS control plane | ❌ | ❌ | **✅ SaaS Federation v2** | +| A2A-native protocol | ✅ (in-progress, Q2-Q3 2026) | ❌ | **✅ live today** | + +**Counter-framing for sellers:** +> "LangGraph Cloud and CrewAI are end-user platforms. Molecule AI is infrastructure your platform builds on — with the governance and observability built in, not bolted on." + +--- + +## Proof Points + +| Claim | Evidence | +|-------|----------| +| Molecule AI is the only agent platform with built-in execution tracing | `tool_trace[]` in `Message.metadata` — no SDK, no sidecar. LangGraph and CrewAI require Langfuse/Helicone instrumentation. | +| Platform Instructions enforce governance before agents run | Workspace startup path prepends rules to system prompt. Policy takes effect before first token generated. | +| Partner API Keys enable programmatic org provisioning | `POST /cp/admin/partner-keys` creates orgs via API. Keys are SHA-256 hashed, org-scoped, rate-limited, revocable via `DELETE`. | +| Ephemeral test orgs per PR are fully automated | CI/CD example in partner onboarding guide: `POST` create → run tests → `DELETE` teardown. No manual cleanup, no shared-state contamination. | +| SaaS Federation v2 enables multi-tenant isolation | Tutorial at `docs/marketing/launches/pr-1613-saas-federation-v2.md`. Org-scoped keys + control plane boundary. | +| Design partner (Acme Corp) validates enterprise readiness | Acme Corp integration (design partner, name pending PM confirmation). Reference use case: partner-provisioned orgs for Acme's customer base. | + +--- + +## Internal Use Notes + +- Partner API Keys are **BETA** — do not claim GA in press materials. Use "now available in beta" or "shipping April 30, 2026." +- Tool Trace and Platform Instructions shipped via PR #1686 — **BETA**. +- SaaS Federation v2 — **BETA** or **EARLY ACCESS**, pending PM label confirmation. +- Do not use "Acme Corp" in any externally published copy — placeholder only. Confirm partner name with PM before press release. +- Phase 30 linkage: Phase 30 shipped `mol_ws_*` (per-workspace auth). Phase 34 extends to `mol_pk_*` (partner-level keys). Cross-sell: "Phase 30 workspace isolation + Phase 34 partner scoping — the only platform with both." diff --git a/docs/marketing/launches/pr-1533-ec2-instance-connect-ssh.md b/docs/marketing/launches/pr-1533-ec2-instance-connect-ssh.md index f700dac7..d4f94a45 100644 --- a/docs/marketing/launches/pr-1533-ec2-instance-connect-ssh.md +++ b/docs/marketing/launches/pr-1533-ec2-instance-connect-ssh.md @@ -111,8 +111,9 @@ Fallback (technical): *"CP-provisioned workspaces get browser-based terminal via | Channel | Asset | Owner | Status | |---------|-------|-------|--------| -| Blog post | "How to access your EC2 workspace terminal from the canvas" | Content Marketer | Blocked: needs DevRel code demo first | -| Social launch thread | 5 posts: problem → solution → claim 1 → claim 2 → CTA | Social Media Brand | Blocked: awaiting blog post + code demo | +| Blog post | "How to access your EC2 workspace terminal from the canvas" | Content Marketer | Blocked: needs DevRel code demo first (#1545) | +| Social launch thread | 5 posts: problem → solution → claim 1 → claim 2 → CTA | Social Media Brand | ✅ APPROVED — copy at `docs/marketing/social/2026-04-22-ec2-instance-connect-ssh/social-copy.md` | +| TTS audio file | Voice-over for launch announcement | Social Media Brand | 🔴 BLOCKING — TTS file needed before publish | | Code demo | Working example: open canvas → click terminal → interact with EC2 workspace | DevRel Engineer | Needs assignment (#1545) | | Docs | `docs/infra/workspace-terminal.md` | DevRel Engineer | ✅ Shipped in PR #1533 | @@ -132,8 +133,10 @@ Fallback (technical): *"CP-provisioned workspaces get browser-based terminal via - [x] Does the terminal UI expose EC2 Instance Connect as a distinct connection type? → No — seamless; the platform handles it transparently - [x] Is there a docs page? → Yes: `docs/infra/workspace-terminal.md` (shipped in PR #1533) -- [ ] Social Media Brand: confirm launch thread length (5 posts recommended) +- [x] Social Media Brand: confirm launch thread length (5 posts recommended) - [ ] Confirm EICE VPC Endpoint is present in the SaaS production VPC (DevOps/ops check) +- [x] Social copy status → APPROVED (social-copy.md on staging, 2026-04-22) +- [ ] 🔴 TTS audio file: Social Media Brand needs TTS generation before publish ---