How FACE works

Framework for AI Context in Enterprise — the vocabulary and concepts behind your knowledge base.

Your team’s knowledge lives across Google Drive, Notion, Confluence, and email threads. Everyone keeps their own copy. No one knows which document is “the real one.”

FACE creates a single, curated source of truth — a Git-backed knowledge base, structured, auditable, always up to date. Not a summary of your existing documents. Not an index over them. The definitive record.

Day-to-day: upload a file, Aria proposes where it belongs in your knowledge base, you approve with one click. The original stays where it is; the KB becomes what your team and AI agents reference.

The moment you invite your first teammate and realise they can see everything is when access control becomes obvious. FACE lets you separate what marketing knows from what engineering knows, layer by layer.

FACE is open-source and self-hostable. The managed cloud handles hosting, updates, and support so you can focus on the content.

What is FACE?

FACE

FACE — Framework for AI Context in Enterprise — is a structured methodology for giving AI tools organizational context, so they produce output that reflects how your organization actually works. FACE creates a layered knowledge base, stored in a Git repository, that any AI tool can read. It's tool-agnostic, version-controlled, and works for teams of five to enterprises with hundreds of repositories.

Without FACE, AI tools start every session from zero — they don't know your coding standards, your brand voice, your architecture decisions. With FACE, they load the right context layers for the task and deliver output specific to how you operate.

The four FACE layers

Numbered folders that organize a KB. The number sets navigation order; the name tells your team what kind of content lives there.

FACE layer

FACE organizes knowledge into four numbered folders, each with a focused purpose:

  • 1-company — who you are: identity, team, structure, brand, policies.
  • 2-departments — how each team works: engineering standards, legal templates, marketing voice rules, finance rhythms.
  • 3-products — what you build: per-product overview, architecture, pricing, roadmap.
  • 4-projects — what you're working on now: per-project brief, decisions, retros.

The numbering enforces a navigation order so things stay in a predictable place. Folder names can be customized per organization; the numbers can't.

Core properties

Seven properties FACE optimizes for. Four headline ones drive the sign-in page; all seven appear here for the full picture.

Single source of truth

FACE is built so that for every piece of business context — a decision, a policy, a product spec — there is exactly one place it lives. Humans navigate to that file in the KB; AI tools load it as part of their context layer. When the canonical file changes, every reader (human or machine) sees the change next time they look. No mirrored copies in Notion, Confluence, or someone's drafts folder going out of sync.

Git-native

FACE treats knowledge like code. Each layer is a Git repository. Every change — a new policy, a tweak to coding standards, an architecture decision — is a commit on a branch and merges through a pull request. You get full history, blame, diffs, and the ability to revert. The knowledge base is portable: if you ever leave the tool, the repo comes with you.

Role-based access

FACE inherits access control from GitHub. Each layer is its own repository, so you grant read or write access at the repo level using your existing team structure. The same mechanism that controls who can see source code also controls who can see context — no parallel ACL system to maintain.

Tool-agnostic

FACE doesn't depend on a particular AI vendor. Boot adapters (CLAUDE.md, AGENTS.md, GEMINI.md, .cursor/rules/agent-boot.md) translate the canonical AGENTS_BOOT.md instructions into each tool's expected location. When a new AI tool emerges, you add one adapter file — the knowledge base itself stays unchanged.

Composable

Context isn't free — every token loaded into an AI session costs latency, money, and risks crowding out the actual question. FACE lets an agent compose the right context for a task: a code review might load only the engineering department + the relevant product layer; a board memo might load company + all products. The boot adapter declares which layers to load; the runtime can also assemble dynamic contexts via a context broker.

Living

A static wiki goes stale within a quarter. FACE assumes decisions happen continuously and lets agents propose updates back into the KB through pull requests. A Slack-based staging pipeline can capture decisions in conversation, an agent drafts the corresponding KB change, a human owner reviews and merges. The KB stays current without anyone needing to remember to update it.

Scalable

FACE doesn't change shape as you grow — it just adds repositories. A small team starts with one KB and one set of folders. As the company grows, you split: each department gets its own layer-repo, each product gets its own, and the company layer stays shared across all of them. The boot convention stays identical at every scale.

Auditable by design

Because the KB is a Git repository, every change is intrinsically auditable: the diff shows what changed, the commit message says why, the PR reviewer is on record, the merge is timestamped. FACE extends this to agent-to-agent context handoffs: every activation records the layers loaded, the source files cited, and the human owners signed off. Compliance reviews and incident post-mortems work from the same trace.

Roles

Owner

An owner is the human accountable for the quality and accuracy of a specific FACE layer. Their name lives in 0-meta/kb-config.yaml under that layer. Every pull request that touches files in their layer routes to them for review — they merge the good changes and push back on the rest. This keeps content quality high without requiring everyone to know every layer; ownership is distributed but explicit.

FACE requires at least one human owner per layer. A layer with no owner is a layer no one is accountable for, which means quality drifts.

Contributor

Contributors are everyone else — the engineers, designers, analysts, and operators who notice that something in the KB is wrong, outdated, or missing. They open pull requests with the fix or addition. The layer's owner reviews. Contributors don't need permission to suggest a change, only to merge one.

Data flow & privacy

Where your KB content, your AI provider tokens, and your chat transcripts actually live — and what ABQ can and can't see.

Your AI provider, your keys

Aria isn't tied to a single model vendor. Each org picks a provider — Anthropic, OpenAI, or Google Gemini — and pastes its own API key. From that moment on, every chat turn Aria makes goes from this app straight to that provider using your org's key.

What that means in practice:

  • The provider sees your prompts directly. ABQ doesn't proxy the content; we just route the request. Your AI vendor's privacy policy applies to the prompts and the responses.
  • The key is stored encrypted at rest on this app's database, scoped to your org. Members can't read its value. The decryption key only the running app holds — ABQ operators can't pull tokens out of the database.
  • Rotate or switch any time. Change provider, paste a new key, pick a new model — the dock's reconnect flow handles it without leaving the conversation.
  • No ABQ-pooled inference. We don't bundle calls from multiple customers through a shared key. Your usage shows up on your provider bill against your key.

Your KB content stays on GitHub

FACE Studio is the orchestration layer between your knowledge base (in GitHub) and your AI assistant (Aria). The KB content — the actual files — sits in your own GitHub repository the whole time:

  • Reads are live. When Aria, the file viewer, or the search needs a file, it's fetched from your GitHub repo using your token at request time. We don't snapshot or cache the bytes.
  • Writes go through pull requests. When Aria proposes a change, the change is committed to a branch in your repo and opened as a PR for review — there's no "ABQ database of edits" intermediating that flow. Approve in the app or in GitHub; either path merges into your repo.
  • Your GitHub token is encrypted per user. Used only to read/write the repos you've authorised. Sign out and back in (or revoke from your GitHub settings) to invalidate it.

If you stopped using ABQ tomorrow, your KB would still be a fully-functional Git repo. Nothing's locked inside our servers.

What ABQ stores, what it doesn't

A complete map of where each kind of data sits:

  • KB content (your documents) — in your GitHub repo. Not replicated on ABQ servers. See Your KB content stays on GitHub.
  • AI provider API keys — encrypted at rest on ABQ, scoped to your org. ABQ operators can't decrypt them; only the running app can, and only to forward a request you initiated. See Your AI provider, your keys.
  • Prompts + AI responses — flow between the app, your AI provider, and your GitHub repo. ABQ doesn't store the content of either; we store the transcript metadata so you can come back to a chat (see next bullet).
  • Conversation transcripts — stored so the chat picker can resurface your past chats. Scoped to your org by row-level security; deletable from the chat picker.
  • GitHub tokens — encrypted per user.
  • Routing metadata (which org, which KB, which model, message timestamps) — visible to ABQ so the app can render the right surfaces and the right org gets billed for the right usage.

The short version: ABQ is the conductor, not the warehouse. The substantive data — your documents, your AI tokens in cleartext, the content of the prompts you send your provider — flows past ABQ rather than resting on it.

Special files

AGENTS_BOOT.md

AGENTS_BOOT.md is the single source of truth for how an AI agent should approach this knowledge base. It declares: which identity file to load (telling the agent what role to play), which context layers to load (in what order), and what the working agreements are (e.g. all changes via pull request). Boot adapters for each AI tool — CLAUDE.md, AGENTS.md (OpenAI Codex), GEMINI.md, .cursor/rules/agent-boot.md — exist purely to redirect the tool to AGENTS_BOOT.md.

The upshot: every AI tool in your team reads the same instructions, and editing AGENTS_BOOT.md updates the behavior of all of them at once.

Boot adapter

Different AI tools look for their boot instructions in different filenames at different paths. Claude Code reads CLAUDE.md; OpenAI Codex reads AGENTS.md; Gemini CLI reads GEMINI.md; Cursor reads .cursor/rules/agent-boot.md. A boot adapter is the per-tool file that satisfies the tool's expected location and immediately redirects to AGENTS_BOOT.md. Adding a new AI tool to your KB is one adapter file — no other changes needed.

kb-config.yaml

0-meta/kb-config.yaml is the FACE-level metadata file for your KB. It records which user is the owner of each layer (used for PR review routing), which optional extensions are enabled, and other framework-level configuration. FACE Studio reads and writes it; humans can edit it directly via Git when needed.

Aria

Your AI assistant for working inside a FACE knowledge base — what she does and what she won't do without being asked.

Aria

Aria is ABQ's general-purpose assistant for working inside a FACE knowledge base. She has read the entire KB and knows the FACE framework: which layer a new piece of content belongs in, how layer ownership works, what the boot adapters do.

Things to ask Aria:

  • Draft a new page (e.g. "Set up our company identity").
  • Restructure existing content (e.g. "Move the pricing doc out of 3-products").
  • Import from a connected source (e.g. "Pull in our Notion product roadmap").

Things Aria won't do unprompted: change ownership, merge pull requests, or modify 5-agents/ config. Those are deliberate human decisions.

For where the prompts you send, the keys she uses, and her replies actually live, see Data flow & privacy below.

Credits

The humans behind FACE Studio.

Definitions sourced from the canonical FACE knowledge base. Spot something wrong? Open an issue.