Skip to main content

Understanding Resources

Resources are the knowledge and execution capabilities that agents access to accomplish work. They include documentation, API connections, credentials, and services—everything an agent needs beyond its language capabilities to operate effectively in your workspace.

Two Types of Resources

Knowledge Resources

Knowledge resources provide context and information that agents use to make informed decisions:

Documentation: Technical documentation, API references, architecture guides, and internal wikis that agents can search and reference when working on tasks.

Knowledge Bases: Curated collections of team knowledge, coding standards, design patterns, and project-specific information that help agents align with your team's practices.

Conversation History: Previous interactions, decisions, and solutions that agents can recall to maintain consistency and learn from past work.

Code Context: Understanding of your codebase structure, dependencies, patterns, and conventions that agents build over time.

These resources answer questions like "How does authentication work in this project?" or "What coding style does this team prefer?"

Execution Resources

Execution resources enable agents to interact with external systems and services:

API Connections: Authenticated access to external services like GitHub, Linear, Slack, or custom APIs that agents need to accomplish tasks.

Credentials: Securely stored API keys, tokens, and authentication credentials that agents use when calling external services on your behalf.

Service Endpoints: Configuration for databases, CI/CD pipelines, deployment targets, and other infrastructure that agents might need to interact with.

Compute Resources: Processing power, memory allocation, and execution environments where agents run code or perform resource-intensive operations.

These resources enable actions like "Create a Linear issue" or "Deploy to staging environment."

Workspace Scoping

Resources are scoped to workspaces, providing natural boundaries for access and permissions.

Isolation by Default

Each workspace has its own set of resources. An agent working in your production workspace uses different credentials and has access to different services than the same agent type in your development workspace.

This isolation prevents accidents: an agent in your development workspace can't accidentally deploy to production, and an agent testing features can't access production customer data.

Resource Inheritance

Workspaces can share resources through inheritance patterns:

  • Organization-level resources: Shared knowledge bases, documentation, and standards available to all workspaces
  • Account-level resources: API connections and services available to workspaces within a billing account
  • Workspace-specific resources: Project credentials, environment-specific configurations unique to each workspace

Cross-Workspace Sharing

When collaboration requires shared resources, you can explicitly grant cross-workspace access with appropriate permissions. This might include shared documentation repositories, common API connections, or collaborative knowledge bases.

Resource Permissions

Access to resources is controlled through fine-grained permission models.

Agent-Level Permissions

When creating or configuring agents, you specify which resources they can access:

  • Read-only knowledge: Agent can search documentation but not modify it
  • API access: Agent can call specific external services
  • Credential usage: Agent can use particular API keys or tokens
  • Service interaction: Agent can deploy, run tests, or trigger builds

Agents only get access to resources necessary for their purpose—a code review agent doesn't need deployment credentials.

Workspace-Level Permissions

Workspace owners and members control resource availability:

  • Resource addition: Who can add new API connections or knowledge bases
  • Credential management: Who can create or rotate API keys
  • Access grants: Who can give agents access to sensitive resources
  • Resource visibility: Which resources are visible to workspace members vs guests

User Permissions

Individual users have their own permission levels for resources:

  • Workspace Owners: Full control over all resources
  • Workspace Members: Access to resources based on their role
  • Workspace Guests: Limited access to specific resources
  • External Integrations: OAuth-scoped access to user-connected services

Resource Management

Adding Knowledge Resources

Link documentation sources to workspaces:

  • Connect repositories: Link GitHub, GitLab, or Bitbucket repos containing documentation
  • Integrate wikis: Connect Notion, Confluence, or Google Docs with team knowledge
  • Import guides: Add architecture decision records, runbooks, or style guides
  • Build context: Agents automatically index and understand your codebase

Configuring Execution Resources

Set up external service connections:

  • OAuth authentication: Connect GitHub, Linear, Slack, or Google Workspace accounts
  • API key management: Securely store and rotate credentials for external services
  • Service configuration: Define endpoints, authentication methods, and access scopes
  • Environment setup: Configure staging, production, and development service URLs

Resource Updates

Resources evolve as your project grows:

  • Documentation sync: Automatically update when connected documentation changes
  • Credential rotation: Update API keys and tokens without reconfiguring agents
  • Scope adjustments: Refine which agents access which resources
  • Deprecation handling: Gracefully migrate when external services change

Resource Security

Credential Protection

Credentials are encrypted at rest and in transit:

  • Never stored in plain text
  • Encrypted using industry-standard algorithms
  • Access logged for audit trails
  • Automatic expiration and rotation support

Access Auditing

Every resource access is logged:

  • Which agent accessed which resource
  • When and why the access occurred
  • What actions were performed
  • Which user authorized the access

Comprehensive audit trails support compliance requirements and security investigations.

Scope Limitation

Agents access only what they need:

  • Minimum necessary permissions principle
  • Time-limited access tokens
  • Revocable access grants
  • Workspace-level policy enforcement

Resource Best Practices

Start Minimal: Begin with basic documentation and credentials, add resources as needs become clear.

Organize by Environment: Keep development, staging, and production resources in separate workspaces.

Regular Audits: Review resource access permissions periodically, removing unused resources and revoking unnecessary access.

Document Resource Purpose: Maintain clear descriptions of what each resource provides and which agents need it.

Secure Credential Rotation: Regularly rotate API keys and credentials, especially for production resources.

Related Concepts

  • Workspaces - Organizational containers for resources
  • Tools - Actions agents take using resources
  • Agents - How agents use resources to accomplish work
  • Authentication - Security model for resource access