Data-Flow Inspector
Every hop a query takes through Knoq — annotated with what is transmitted, what is persisted, and what is discarded before disk.
Persistence surface
Every Postgres table that holds data Knoq wrote on your behalf. Nothing else touches disk.
| Table | Contents | Notes |
|---|---|---|
org | Organisation metadata (slug, name, tier). | — |
org_member | Membership rows linking Stytch member ids to orgs. | — |
org_branding | Logo, colours, write-back tool selection. | — |
org_subscription | Tier, trial window, query-pack balance. | — |
org_sso_config | SAML / OIDC configuration per org. | — |
org_connector_policy | Allowed connector list per org. | — |
session_usage | Per-session token counts and USD cost. | — |
audit_log | Append-only org-level audit trail. | — |
mcp_oauth_token | Connector OAuth tokens. | encryptedAES-256 encrypted at rest. |
managed_agent_session | One row per chat: title, timestamps, cancellation flag. | — |
managed_agent_event.payload | Anthropic events (user.message, agent.message, tool_use, tool_result). | tool_result > 1 KiB is replaced with {size, toolName} before write. |
verified_answers | Expert-curated Q/A pairs, scoped by org. | — |
agent_memory | Per-user preference store (team, focus project, etc.). | encryptedAES-256 encrypted at rest; scoped to (org, member). |
outcome_metrics_weekly | Aggregated counters for the ROI digest. | — |
Not persisted
- Full document bodies from source tools (Notion pages, Slack threads, GitHub files, …).
- Live tool-result content exceeding 1 KiB — redacted to {size, toolName} before write.
- Agent reasoning chains beyond the metadata needed to replay a transcript.
How redaction works
Redaction runs inside the tail-session workflow at the moment an event is about to be written to Postgres. The function lives inlib/redaction.tsand is pure — it takes an Anthropic event, walks everyagent.tool_resultblock, and replaces any content whose serialised length exceeds the threshold.
The threshold defaults to 1024 bytes (1 KiB) and is overridable per environment viaEVENT_REDACTION_THRESHOLD_BYTES. Typical file listings and task summaries weigh 200–800 bytes and pass through; full document bodies and large Slack extracts run 2–50 KiB and get dropped.
Redaction is write-time, not read-time.
Once redacted, the content is permanently gone from Postgres. No admin, no export, no backup recovers it. The visible transcript for that turn shows the redaction placeholder and the size of the dropped payload so you always know the turn happened.
See the broader security picture
The full persistence, token-lifecycle, and compliance story lives on the Security overview page — including retention windows, OAuth token handling, and permission inheritance.