# HELM Documentation

Dedicated documentation for HELM AI Kernel, HELM AI Enterprise, trust, conformance, SDKs, and evidence verification.

## Agent Directives
- Prefer the per-page Markdown exports over scraped HTML when retrieving documentation.
- Preserve `canonical`, `source`, `edit`, `last_reviewed`, `checksum_sha256`, and `build_timestamp` metadata when quoting or caching a page.
- Treat this index as public documentation only; do not infer hidden implementation details from absent pages.
- Use the docs MCP endpoint for structured search, page reads, and list operations.

## Validated Interfaces
Canonical host: https://helm.docs.mindburn.org
Full corpus: https://helm.docs.mindburn.org/llms-full.txt
Docs MCP: https://helm.docs.mindburn.org/mcp
OpenAPI: https://helm.docs.mindburn.org/openapi.yaml
Generated: 2026-06-04T00:45:59.430Z

## Award targets
- Best AI-enabled Developer Portal
- Best Reference Documentation Beyond REST APIs
- Best Unified Enterprise Developer Portal

## Pages
- [Architecture](https://helm.docs.mindburn.org/architecture.md): This page answers the architecture authority question directly: HELM architecture claims must resolve to a source owned architecture page, ADR, UCS v1.3 section, or implementation source. It is a navigation page for arch
- [Backend & Protocols](https://helm.docs.mindburn.org/backend.md): This page gives the authoritative backend integration map: which APIs, schemas, and protocol pages exist, which are OSS owned contracts, and which are HELM AI Enterprise operational extensions. It is the source backed en
- [HELM Changelog](https://helm.docs.mindburn.org/changelog.md): This changelog is for developers, operators, security reviewers, and evaluators tracking public HELM product, Console, Teams, Enterprise, and reference changes across releases. After this page you should know what this s
- [Authority Boundary](https://helm.docs.mindburn.org/company-ai-os/authority-boundary.md): The Company AI OS story is only safe when the authority boundary stays explicit. Models, retrieval systems, company graphs, and generated drafts can propose work. HELM decides whether a real side effect may cross the bou
- [CompanyArtifactGraph](https://helm.docs.mindburn.org/company-ai-os/company-artifact-graph.md): CompanyArtifactGraph is the explanatory name for source backed company memory in the HELM AI Enterprise direction. It can organize artifacts such as: policies and operating rules tickets and project records pull requests
- [Connector Drift](https://helm.docs.mindburn.org/company-ai-os/connector-drift.md): Connectors are where HELM governed plans touch real systems. They deserve stricter language than generic integration copy because external APIs, permissions, schemas, and operational behavior can drift. Connector drift i
- [OrgGenome Compiler](https://helm.docs.mindburn.org/company-ai-os/orggenome-compiler.md): OrgGenome Compiler is the HELM AI Enterprise direction for turning messy company material into reviewable operating rules. The important public boundary is that compiler output starts as draft material. It does not becom
- [Company AI OS Overview](https://helm.docs.mindburn.org/company-ai-os/overview.md): HELM AI Enterprise may be described as the Company AI OS when the full loop is explicit: 1. Query company state from source backed artifacts. 2. Compare what should be true with what current evidence shows. 3. Generate r
- [Proof and Replay](https://helm.docs.mindburn.org/company-ai-os/proof-and-replay.md): The Company AI OS loop is credible only if decisions remain reviewable after the action has run, been denied, or been escalated. HELM proof language should name the artifact: a receipt for the execution decision a ProofG
- [Workstation Governance](https://helm.docs.mindburn.org/company-ai-os/workstation-governance.md): HELM workstation governance covers local coding agent runs when the run is captured through a HELM adapter or selected effect wrapper. The public surface is manifest first: a run manifest, diff summary, validation output
- [HELM Source Coverage Map](https://helm.docs.mindburn.org/coverage.md): This page explains how the public HELM docs site maps back to the two HELM source repositories. Use it when you want to know whether a repo surface is published as a full page, summarized by a reference hub, available th
- [Frontend & Console](https://helm.docs.mindburn.org/frontend.md): This page answers where HELM's frontend, console, and UI design truth pages live, and which of them are OSS owned versus HELM AI Enterprise owned product surfaces. It consolidates the accepted source targets for console 
- [HELM for Humans](https://helm.docs.mindburn.org/getting-started/for-humans.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [HELM AI Enterprise](https://helm.docs.mindburn.org/helm-ai-enterprise.md): HELM AI Enterprise is the organizational control plane around the HELM AI Kernel execution kernel. It is for teams that need shared administration, identity, approval workflows, retention, evidence export, and evaluator 
- [Enterprise plan](https://helm.docs.mindburn.org/helm-ai-enterprise/enterprise.md): HELM AI Enterprise is the organizational control plane around the HELM AI Kernel execution kernel. It is for teams that need shared administration, identity, approval workflows, retention, evidence export, and evaluator 
- [Individual Governance](https://helm.docs.mindburn.org/helm-ai-enterprise/individual.md): HELM AI Enterprise Individual is the team scale control plane around HELM AI Kernel. It gives developers and small platform teams shared workspaces, scoped keys, approvals, policy bundles, audit trails, and receipt searc
- [HELM AI Kernel](https://helm.docs.mindburn.org/helm-ai-kernel.md): HELM AI Kernel is the fail closed execution firewall for AI agents. It gives developers a local kernel, policy bundle loader, OpenAI compatible proxy path, MCP firewall, receipts, EvidencePacks, and offline verification 
- [Architecture](https://helm.docs.mindburn.org/helm-ai-kernel/architecture.md): Maintainers and operators who need the current HELM AI Kernel execution boundary model before changing kernel, Console, API, or integration docs. After this page you should know what this surface is for, which source fil
- [Canonical Diagrams](https://helm.docs.mindburn.org/helm-ai-kernel/architecture/canonical-diagrams.md): This page defines the public diagram doctrine for HELM AI Kernel. Diagrams must show the implemented execution boundary: agents propose actions, deterministic HELM systems evaluate authority before dispatch, and signed r
- [Cognitive Firewall Pattern](https://helm.docs.mindburn.org/helm-ai-kernel/architecture/cognitive-firewall.md): Architecture reviewers evaluating the fail closed execution firewall pattern and its HELM AI Kernel implementation boundaries. After this page you should know what this surface is for, which source files own the behavior
- [eIDAS QTSP Anchoring](https://helm.docs.mindburn.org/helm-ai-kernel/architecture/eidas-qtsp.md): Security and compliance reviewers checking the current eIDAS/QTSP evidence mapping limits for HELM AI Kernel. After this page you should know what this surface is for, which source files own the behavior, which public ro
- [Policy Languages — CEL, Rego, Cedar](https://helm.docs.mindburn.org/helm-ai-kernel/architecture/policy-languages.md): Policy authors and runtime maintainers comparing supported policy language inputs with current enforcement behavior. After this page you should know what this surface is for, which source files own the behavior, which pu
- [Benchmarks](https://helm.docs.mindburn.org/helm-ai-kernel/benchmarks.md): Maintainers comparing local benchmark harnesses and reported performance measurements against source backed results. After this page you should know what this surface is for, which source files own the behavior, which pu
- [HELM AI Kernel Changelog](https://helm.docs.mindburn.org/helm-ai-kernel/changelog.md): This changelog is for developers, operators, security reviewers, and evaluators tracking public HELM AI Kernel interface changes across releases. After this page you should know what this surface is for, which source fil
- [Compatibility](https://helm.docs.mindburn.org/helm-ai-kernel/compatibility.md): HELM AI Kernel compatibility is the retained public surface that maps to code, examples, tests, or canonical docs. Historical experiments are not supported unless they appear in the source backed tables below. This page 
- [EU AI Act High-Risk Pack](https://helm.docs.mindburn.org/helm-ai-kernel/compliance/eu-ai-act-high-risk-pack.md): Compliance reviewers using HELM AI Kernel evidence outputs to map, not certify, EU AI Act high risk controls. After this page you should know what this surface is for, which source files own the behavior, which public ro
- [NIST AI Agent Critical Infrastructure Alignment](https://helm.docs.mindburn.org/helm-ai-kernel/compliance/nist-ai-agent-critical-infrastructure.md): Security and compliance reviewers mapping HELM AI Kernel receipts and conformance evidence to NIST critical infrastructure concerns. After this page you should know what this surface is for, which source files own the be
- [NIST AI RMF to ISO 42001 Crosswalk](https://helm.docs.mindburn.org/helm-ai-kernel/compliance/nist-ai-rmf-iso-42001-crosswalk.md): Compliance reviewers comparing HELM AI Kernel evidence surfaces with NIST AI RMF and ISO 42001 control language. After this page you should know what this surface is for, which source files own the behavior, which public
- [Conformance](https://helm.docs.mindburn.org/helm-ai-kernel/conformance.md): Policy/runtime implementers and maintainers validating behavior with conformance packs and fixture replay. After this page you should know what this surface is for, which source files own the behavior, which public route
- [HELM AI Kernel Console](https://helm.docs.mindburn.org/helm-ai-kernel/console.md): Operators and frontend maintainers running the self hostable Console against a local HELM API. After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent
- [Deployment and Examples](https://helm.docs.mindburn.org/helm-ai-kernel/deployment-and-examples.md): This page gathers the public deployment and runnable example material that lives outside the core docs directory. This page is for developers moving from a local HELM run to repeatable examples, Docker Compose, or Kubern
- [Kubernetes Deployment](https://helm.docs.mindburn.org/helm-ai-kernel/deployment/kubernetes.md): This page is for operators deploying the HELM AI Kernel runtime with the repository owned Kubernetes Helm chart. The outcome is a chart render, a production safe value set, and a smoke path for health, receipts, and evid
- [HELM AI Kernel Design System Surface](https://helm.docs.mindburn.org/helm-ai-kernel/design-system.md): This page documents the public HELM AI Kernel console and design system surface. It exists so the docs site covers the frontend package family instead of burying it inside repository only package READMEs. This page is fo
- [Developer Journey](https://helm.docs.mindburn.org/helm-ai-kernel/developer-journey.md): This page is the source backed end to end path for evaluating HELM AI Kernel. It ties install, runtime, SDKs, policy, receipts, verification, deployment, conformance, release artifacts, and troubleshooting to live reposi
- [HELM AI Kernel Examples Matrix](https://helm.docs.mindburn.org/helm-ai-kernel/examples.md): This page is for developers choosing the shortest source backed example for a language, framework, receipt, MCP, OpenTelemetry, or policy workflow. The outcome is a runnable example path, the server mode it expects, and 
- [EXECUTION_SECURITY_MODEL](https://helm.docs.mindburn.org/helm-ai-kernel/execution-security-model.md): Security reviewers and runtime maintainers checking how HELM AI Kernel fails closed before dispatch. After this page you should know what this surface is for, which source files own the behavior, which public route or ad
- [MCP Integration](https://helm.docs.mindburn.org/helm-ai-kernel/integrations/mcp.md): Integration developers and operators routing MCP tool calls through the HELM AI Kernel firewall/quarantine path. After this page you should know what this surface is for, which source files own the behavior, which public
- [Microsoft Agent Governance Toolkit Coexistence](https://helm.docs.mindburn.org/helm-ai-kernel/integrations/microsoft-agent-governance-toolkit.md): Integration developers mapping Microsoft agent tooling through the HELM OpenAI compatible proxy and receipt flow. After this page you should know what this surface is for, which source files own the behavior, which publi
- [OpenAI-Compatible Proxy Integration](https://helm.docs.mindburn.org/helm-ai-kernel/integrations/openai-compatible-proxy.md): Developers who already use OpenAI shaped clients and want requests to cross the HELM AI Kernel execution boundary before they reach an upstream provider. After this integration you should have a local OpenAI compatible b
- [KERNEL_SCOPE](https://helm.docs.mindburn.org/helm-ai-kernel/kernel-scope.md): Maintainers, adopters, and downstream packagers deciding what is in HELM AI Kernel and what is outside this repository. After this page you should know what this surface is for, which source files own the behavior, which
- [HELM Launchpad](https://helm.docs.mindburn.org/helm-ai-kernel/launchpad.md): Status: OpenClaw, Hermes, OpenCode, and Kilo Code are oss supported for local container after signed artifact, SBOM, vulnerability scan, live conformance, teardown, receipt, and offline EvidencePack verification in workf
- [Launchpad Clean Install GA](https://helm.docs.mindburn.org/helm-ai-kernel/launchpad/clean-install-ga.md): Status: v0.5.5 gate implemented; v1 promotes OpenClaw, Hermes, OpenCode, and Kilo Code into the supported app clean install set after workflow 26198407296 passed signed artifact, live conformance, teardown, receipts, and
- [Launchpad Conformance](https://helm.docs.mindburn.org/helm-ai-kernel/launchpad/conformance.md): Status: OpenClaw, Hermes, OpenCode, and Kilo Code passed the v1.0 signed artifact, live local container, teardown, receipt, and offline EvidencePack bar in workflow 26198407296. DigitalOcean opt in beta passed for all fo
- [HELM Launchpad Flow Catalog](https://helm.docs.mindburn.org/helm-ai-kernel/launchpad/flow-catalog.md): HELM Launchpad is the OSS local container app launcher for AI agents. Launchpad starts apps; HELM governs execution. This page is for developers, operators, and reviewers validating the OSS Launchpad matrix, plan, local 
- [OWASP MCP Threat Mapping](https://helm.docs.mindburn.org/helm-ai-kernel/owasp-mcp-threat-mapping.md): Security reviewers mapping MCP firewall behavior to OWASP style agentic threat categories. After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent pag
- [Publishing](https://helm.docs.mindburn.org/helm-ai-kernel/publishing.md): Publishing defines the current source backed release and package artifact contract for HELM AI Kernel. This page is for maintainers preparing a release and consumers checking whether a binary, SDK package, container imag
- [Quickstart](https://helm.docs.mindburn.org/helm-ai-kernel/quickstart.md): This is the shortest current HELM AI Kernel path: build or install the CLI, run a LaunchKit app through helm up, inspect the receipt backed Console run, and verify the exported EvidencePack offline. The lower level bound
- [HELM AI Kernel CLI Reference](https://helm.docs.mindburn.org/helm-ai-kernel/reference/cli.md): The helm ai kernel binary is wired in core/cmd/helm ai kernel. Command registration is centralized in registry.go, with startup handling in main.go and helm ai kernel serve flag parsing in server cmd.go. Use this page if
- [Execution Boundary Reference](https://helm.docs.mindburn.org/helm-ai-kernel/reference/execution-boundary.md): HELM AI Kernel is the proof bearing execution boundary for governed AI tool use. The authoritative runtime record is the HELM boundary record plus its receipt binding; telemetry, coexistence manifests, external evidence 
- [HELM AI Kernel HTTP API Reference](https://helm.docs.mindburn.org/helm-ai-kernel/reference/http-api.md): The public HTTP contract is anchored in api/openapi/helm.openapi.yaml. Runtime route ownership is mirrored in core/cmd/helm ai kernel/route registry.go, enforced by route auth.go, and wired into the local server through 
- [HELM AI Kernel JSON Schema Reference](https://helm.docs.mindburn.org/helm-ai-kernel/reference/json-schemas.md): This page is for developers who need the public schema inventory before writing validators, SDK bindings, conformance tests, or receipt processors. The outcome is a concrete map from schema family to source path, validat
- [Protocols and Schemas](https://helm.docs.mindburn.org/helm-ai-kernel/reference/protocols-and-schemas.md): This page is the public hub for HELM AI Kernel protocols, JSON schemas, policy language material, conformance fixtures, and evidence pack formats. This page is for developers implementing clients, auditors checking wire 
- [SDK Index](https://helm.docs.mindburn.org/helm-ai-kernel/sdks.md): HELM AI Kernel retains typed SDK surfaces for developers who want clients over the HTTP API instead of raw requests. Package publication status must be proven separately from source availability. This page is for develop
- [ClawGuard Taint Tracking](https://helm.docs.mindburn.org/helm-ai-kernel/security/clawguard-taint-tracking.md): Security researchers and maintainers reviewing the source backed ClawGuard taint tracking mapping for HELM AI Kernel. After this page you should know what this surface is for, which source files own the behavior, which p
- [OWASP Agentic Top 10 Mapping](https://helm.docs.mindburn.org/helm-ai-kernel/security/owasp-agentic-top10-mapping.md): Security reviewers checking which OWASP Agentic AI Top 10 risks are covered by current HELM AI Kernel evidence. After this page you should know what this surface is for, which source files own the behavior, which public 
- [Prompt Injection Watchlist - April 2026](https://helm.docs.mindburn.org/helm-ai-kernel/security/prompt-injection-watchlist-2026-04.md): Security maintainers tracking public prompt injection research that affects HELM AI Kernel execution boundary design. After this page you should know what this surface is for, which source files own the behavior, which p
- [Release and Security Evidence](https://helm.docs.mindburn.org/helm-ai-kernel/security/release-security.md): This page collects the public release, vulnerability disclosure, supply chain, fuzzing, OpenSSF, VEX, SBOM, Cosign, and reproducibility material for HELM AI Kernel. This page is for developers installing release artifact
- [Session Risk Memory](https://helm.docs.mindburn.org/helm-ai-kernel/security/session-risk-memory.md): Security reviewers and maintainers checking session risk memory assumptions against current HELM AI Kernel evidence behavior. After this page you should know what this surface is for, which source files own the behavior,
- [HELM Skill Packs Flow Catalog](https://helm.docs.mindburn.org/helm-ai-kernel/skills/flow-catalog.md): HELM Skill Packs are signed, scoped procedural packages for agents. A skill can guide behavior, but it cannot grant tool permissions or execution authority. This page is for developers and reviewers evaluating HELM manag
- [Developer Surface Map](https://helm.docs.mindburn.org/helm-ai-kernel/source-map.md): This page is the public map of HELM AI Kernel developer surfaces. It complements the quickstart and developer journey by showing where each source backed capability lives in the repository and which public docs page owns
- [TROUBLESHOOTING](https://helm.docs.mindburn.org/helm-ai-kernel/troubleshooting.md): Operators and contributors diagnosing local HELM AI Kernel startup, proxy, Console, receipt, and verification failures. After this page you should know what this surface is for, which source files own the behavior, which
- [Verification](https://helm.docs.mindburn.org/helm-ai-kernel/verification.md): Verification proves a HELM AI Kernel EvidencePack, boundary record, release artifact, or optional signature bundle from source owned material instead of prose. This page is for release consumers, security reviewers, and 
- [Microsoft Entra Agent ID Integration](https://helm.docs.mindburn.org/integrations/entra-agent-id.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [LangChain Integration](https://helm.docs.mindburn.org/integrations/langchain.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. | Symptom | F
- [MCP Integration](https://helm.docs.mindburn.org/integrations/mcp.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. | Symptom | F
- [OpenAI Base URL Integration](https://helm.docs.mindburn.org/integrations/openai-baseurl.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. | Symptom | F
- [Observability](https://helm.docs.mindburn.org/observability.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [HELM Operator Guide](https://helm.docs.mindburn.org/operations/operator-guide.md): This page summarizes the public safe operational material for HELM AI Enterprise. It links the public docs site to the source documents under docs/operations/ without publishing credentials, customer specific inventory, 
- [Platform & DevOps](https://helm.docs.mindburn.org/platform.md): This page gives the direct path to HELM deployment, operations, and runtime lifecycle references. The goal is to answer what to change first: source docs, ops procedures, or boundary routing before touching production be
- [HELM Console](https://helm.docs.mindburn.org/product/console.md): HELM Console is the commercial workspace surface for importing tool surfaces, drafting and activating policy, reviewing governed runs, replaying evidence, and exporting self hostable bundles. This page is the public docs
- [Console API](https://helm.docs.mindburn.org/product/console-api.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [HELM Design System](https://helm.docs.mindburn.org/product/design-system.md): This page maps the HELM AI Enterprise design system and UI package family to the public docs site. It covers tokens, primitives, accessibility, package adoption, and the handoff boundary between Console proof, operator, 
- [EU AI Act High-Risk Readiness](https://helm.docs.mindburn.org/product/eu-ai-act-high-risk.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [HELM Launchpad App Store](https://helm.docs.mindburn.org/product/launchpad.md): HELM Launchpad is a workspace scoped app store for governed app launches in the Enterprise Console. This page is for Enterprise operators, platform teams, and evaluators who need to understand which Launchpad routes, app
- [Policy Backends](https://helm.docs.mindburn.org/product/policy-backends.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [Policy Bundles](https://helm.docs.mindburn.org/product/policy-bundles.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [Procurement FAQ](https://helm.docs.mindburn.org/product/procurement.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [Regional Compatibility](https://helm.docs.mindburn.org/product/regional-compat.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [Responses API](https://helm.docs.mindburn.org/product/responses-api.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [RFP Answers](https://helm.docs.mindburn.org/product/rfp-answers.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [Workstation Governance](https://helm.docs.mindburn.org/product/workstation-governance.md): HELM workstation governance records what local coding agents did, what selected side effects were allowed or denied, and what evidence survived the run. It is designed for Codex, Claude Code, and similar developer workfl
- [API Reference](https://helm.docs.mindburn.org/reference.md): This hub organizes HELM interfaces across the control plane, Console /api/v1 surface, Basic/commercial API, generated OpenAPI contract, WebSocket telemetry, SDKs, and verification tooling. It is a map. Exact request and 
- [API and Audit Registries](https://helm.docs.mindburn.org/reference/api-and-audit-registries.md): This page maps the public reference docs to HELM's OpenAPI, endpoint registry, config registry, contract registry, schema version guide, and API lifecycle material. The active backend source for these registries is apps/
- [CLI v3 Output Format](https://helm.docs.mindburn.org/reference/cli-v3/format.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [CLI v3 Key Management](https://helm.docs.mindburn.org/reference/cli-v3/keys.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [SDK Documentation](https://helm.docs.mindburn.org/reference/sdks.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [Contract Versioning](https://helm.docs.mindburn.org/reference/sdks/contract-versioning.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [Specs, Research, and Source Families](https://helm.docs.mindburn.org/reference/specs-research-and-source-families.md): This page closes the public coverage gap between the HELM docs site and the large internal source families in the HELM repo. It does not publish every internal note as a standalone public page; it documents the owner rou
- [Verify](https://helm.docs.mindburn.org/reference/verify.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [Security & Trust](https://helm.docs.mindburn.org/security.md): The security route is the public map for HELM security documentation. It points readers to the trust model, verifier model, credential handling, TCB policy, and threat model without duplicating the /trust source page. Th
- [Chaos Testing](https://helm.docs.mindburn.org/security/chaos-testing.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [Key Management](https://helm.docs.mindburn.org/security/key-management.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [TCB Policy](https://helm.docs.mindburn.org/security/tcb-policy.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [Threat Model](https://helm.docs.mindburn.org/security/threat-model.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [Verifier Trust Model](https://helm.docs.mindburn.org/security/verifier-trust-model.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [Integrate HELM in 10 Minutes](https://helm.docs.mindburn.org/start.md): This path gets a developer from a normal AI call to a governed call with a receipt that can be inspected and verified. The goal is not to read the architecture first. The goal is to see the boundary work. Use this guide 
- [Agent Skills Governance](https://helm.docs.mindburn.org/teams.md): HELM AI Enterprise turns the OSS execution boundary into a shared operating surface for groups that run AI agents, internal tools, and approval workflows together. The product goal is simple: every consequential action h
- [Distributed Tracing](https://helm.docs.mindburn.org/tracing.md): After this page you should know what this surface is for, which source files own the behavior, which public route or adjacent page to use next, and which validation command to run before changing the claim. Public route:
- [Security Model](https://helm.docs.mindburn.org/trust.md): HELM is a fail closed execution boundary for AI agents, tools, connectors, and operator workflows. Its public security model is intentionally narrow: a request is either evaluated against a known policy and receipted, or