Safe AI-to-vault writes: why suggestion and commit should stay separate
A useful assistant can prepare the change. A trustworthy system still needs review, confirmation, and rollback.
A useful assistant can prepare the change. A trustworthy system still needs review, confirmation, and rollback.
Safe AI-to-vault writes: why suggestion and commit should stay separate
The boundary
AI-assisted note systems become risky when the assistant can quietly mutate the user vault. The problem is not that the model writes text. The problem is that storage changed without a visible owner.
Suggestion and commit are different responsibilities. Collapsing them makes the system feel smooth while making trust harder.
The artifact
The serverless vault bridge keeps the assistant in the proposal lane. It can prepare a diff, but the final write requires exact-content confirmation, digest binding, path safety, expected base SHA, and conflict handling.
That adds friction on purpose. The friction is the point where ownership becomes visible again.
What I would reuse
The pattern is not limited to Markdown vaults. Any AI workflow that writes into durable systems should separate suggested change, reviewed change, committed change, and rollback story.
Inspect the repository
https://github.com/89325516/serverless-vault-bridge