Inspiration
Modern teams do not suffer from a lack of information. They suffer because the information required to make and execute a decision is fragmented across conversations, tickets, documents, repositories, dashboards, and individual memory.
A rollout decision might be made in Slack, while the implementation still lives only as an idea. Linear may contain an outdated scope, Notion may define a launch criterion nobody checked, PostHog may show a product risk, and GitHub may report passing CI without proving that the business requirements are satisfied. People become the integration layer: they search across tools, reconcile contradictions, write summaries, create follow-up work, and repeatedly ask whether a launch is actually ready.
We built Cue because Slack is where teams already coordinate, but coordination normally stops at conversation. We wanted to turn Slack into a trustworthy command center where an autonomous agent can understand a goal, decide what evidence it needs, work across connected systems, and move the task forward—without hiding what it is doing or taking consequential actions without human approval.
The product was shaped by one central question:
What if the agent inside Slack could do more than answer questions—what if it could investigate, plan, execute, verify, and close the loop with the team?
Cue is our answer: an autonomous work agent that investigates on its own, makes its work legible inside Slack, and keeps a human in control of every external write.
What it does
Cue lives natively inside Slack as an agent, proactive briefing system, approval surface, and mission-control interface. It connects to the systems where work already lives—such as Slack, GitHub, Linear, Notion, PostHog, and additional MCP-compatible tools—then turns scattered evidence into decisions and approved execution.
1. Proactive daily brief
Cue can send an opt-in morning brief at 9:00 AM in each user's Slack timezone. Instead of summarizing every notification, it prioritizes at most three items that genuinely require attention:
- A decision that has not yet been carried into execution.
- A launch or delivery risk supported by connected evidence.
- An overdue commitment that needs follow-up.
Each brief item explains why it matters, preserves its supporting evidence, and offers a direct next action such as Turn into execution, Investigate risk, or View evidence. The brief therefore becomes the beginning of a workflow, not the end of a summary.
2. Adaptive planning inside Slack
When a user gives Cue a complex goal, Cue does not jump directly to an answer. It creates a bounded, dependency-aware plan based on the requested outcome, available skills, connected tools, authorization policies, and evidence requirements.
The Slack message updates continuously as the workflow progresses. Users can see meaningful agent states such as:
- Understanding the request.
- Selecting the most relevant skill.
- Creating and validating the plan.
- Searching connected systems for context.
- Comparing requirements and detecting contradictions.
- Drafting an action or synthesizing the final result.
- Waiting for approval, executing, verifying, or stopping safely.
This is not hidden chain-of-thought. It is a concise operational view of the agent's plan, tool activity, evidence coverage, and current status.
3. Decision → Execution
Cue can turn a decision recorded in a Slack thread into real, reviewable execution.
It extracts the final decision, owner, deadline, acceptance criteria, rollback responsibility, and unresolved ambiguity. It then gathers related Slack context, canonical memory, task context, documentation, and repository state before producing a Decision Contract.
If the requested outcome requires a GitHub change, Cue drafts the smallest safe change allowed by workspace policy. Before anything is written, Slack displays an approval preview containing:
- Repository and base branch.
- Base commit SHA and file SHAs.
- Proposed
cue/…branch. - Changed files and unified diff.
- Commit message.
- Draft pull-request title and description.
- The exact autonomy restrictions that apply.
Only after explicit human approval does Cue revalidate repository state, create an isolated branch, make one atomic commit through the Git data API, and open a draft pull request. Cue never pushes directly to the default branch. It then observes PR and CI activity and reports the verified result back to the original Slack thread.
The result is a complete loop:
Conversation → plan → evidence → approval → GitHub execution → CI verification → Slack update
4. Launch-readiness investigation
Launch readiness is implemented as a reusable skill on the same adaptive agent architecture—not as a hardcoded one-purpose workflow.
For a readiness question, Cue decides which connected systems are relevant, fetches fresh evidence, evaluates coverage, compares requirements, detects contradictions, and explicitly reports unknowns. A readiness result includes:
- An executive verdict such as READY, AT RISK, or BLOCKED.
- Evidence confidence and freshness.
- Connector-by-connector findings.
- Requirement comparisons.
- Blockers, conflicting records, and missing evidence.
- Owners and concrete recommended actions.
- Clear autonomy boundaries.
- Direct citations supporting every important claim.
In our demonstration, Cue identifies that the authoritative Slack decision specifies a 10% rollout while Linear still contains a stale 50% value. It also finds that Safari completion is below the required PostHog threshold. Even though GitHub CI is passing, Cue correctly returns BLOCKED because technical success alone does not satisfy the complete launch contract.
5. Skills and workspace extensibility
Cue separates the generic agent loop from domain guidance. Skills provide planning hints, evidence requirements, completion criteria, preferred capabilities, and allowed draft actions. The model still decides which steps are necessary for the current goal.
Built-in skills include daily briefing, Decision → Execution, launch readiness, and Slack-thread tracking. Workspace users can also create safe declarative skills from Slack. This lets teams teach Cue their own operating procedures without giving those skills unrestricted code execution.
6. Native Slack mission control
Cue uses Slack-native UI rather than forcing users into a separate dashboard:
- Agent messages and live status updates.
- Block Kit workflow cards.
- Native plan/task presentation with fallbacks.
- Evidence and full-report modals.
- Approval previews and action buttons.
- App Home Mission Control.
- Connector catalog and connection management.
- Skills Hub and skill details.
- Proactive DMs and thread-level outcome updates.
The goal is for the product to feel like a first-class Slack teammate: proactive when useful, transparent while working, and restrained when an action needs human judgment.
7. Safety by construction
Cue follows a simple autonomy model:
- Connected reads may run autonomously.
- Every external write requires explicit approval.
- Destructive and administrative actions are disabled.
- Connector content is treated as untrusted evidence, never as agent instructions.
- Tool permissions and run budgets are validated deterministically.
- GitHub changes are restricted to an approved repository and path allowlist.
- Deletes, binaries, secrets, workflow files, submodules, oversized diffs, default-branch pushes, merges, and deployments are blocked.
Cue can therefore move quickly without confusing autonomy with unlimited authority.
How we built it
Cue for Slack is a TypeScript application built on Slack Bolt. Slack messages, mentions, shortcuts, App Home events, Block Kit actions, approval modals, and proactive DMs enter through a shared runtime facade. Fast administrative actions—such as connector management, approval clicks, and simple memory lookups—use deterministic routes. Complex goals enter a generic bounded agent loop implemented with LangGraph.js.
Adaptive workflow graph
The central adaptiveWorkflowGraph performs the following lifecycle:
- Understand the user's goal and requested deliverable.
- Match a built-in or workspace-defined skill.
- Resolve only connected and authorized capabilities.
- Generate a schema-validated, dependency-aware plan.
- Validate tools, budgets, policies, and evidence requirements deterministically.
- Execute independent read steps in parallel.
- Normalize tool output into cited evidence artifacts.
- Decide whether to complete, retry, replan, ask a clarification, await approval, or stop as blocked.
- Synthesize a layered Slack artifact suitable for the goal.
- Resume approval-gated actions and observe their outcome through webhooks or check polling.
The agent is deliberately bounded to eight plan steps, twelve tool calls, two replans, two transient retries per tool, and a 90-second runtime budget. Structured model output is schema-validated, with one controlled JSON-repair attempt when required.
Model layer
The Slack application calls a Cloudflare Worker model gateway instead of distributing model credentials in the app. The gateway supports Gemini through Vertex AI and an OpenAI-compatible route selected by workspace configuration. The model produces structured planning decisions and evidence-aware synthesis; deterministic application code remains responsible for policy enforcement, budgets, approval state, idempotency, and external writes.
Connector layer
Cue has a capability-oriented connector system:
- Slack supplies conversations, threads, user context, timezone data, and the final interaction surface.
- GitHub App + Octokit provide repository reads, safe change planning, branch creation, atomic commits, draft pull requests, and check observation.
- Model Context Protocol provides a common boundary for services such as Linear, Notion, PostHog, and future enterprise tools.
- Agent Reach provides an adapter boundary for public web and social context when a skill requires external signals.
- A connector catalog records provider maturity, capability groups, endpoints, policies, and safe defaults.
All connector results are normalized into evidence with source identity, timestamps, freshness, citations, and confidence metadata. The planner sees capabilities, not unrestricted credentials.
Data and memory layer
Cue uses Supabase/PostgreSQL with Drizzle ORM for canonical memory and resumable workflow state. The data model stores:
- Decisions, open loops, citations, and external signals.
- Knowledge-graph nodes and relationships.
- pgvector-ready recall records.
- Workflow plans, steps, events, and resumable state.
- Approvals and audit logs.
- Connector accounts, discovered tools, OAuth sessions, policies, and health.
- Daily-brief subscriptions and idempotent delivery claims.
- Slack-workspace-to-GitHub-repository bindings.
- GitHub execution receipts and webhook correlation state.
Recall returns candidate record identifiers, and the application reloads canonical records before using them. This prevents vector similarity from becoming an unverified source of truth.
Identity, credentials, and authorization
WorkOS AuthKit verifies connector administrators and maps Slack identities to authorized workspace organizations. WorkOS Vault stores provider OAuth credentials so connector secrets do not live in Slack payloads or application records. Signed launch URLs, PKCE, expiring single-use OAuth state, Slack email checks, and workspace policy checks protect connector administration.
GitHub execution and feedback loop
GitHub writes use a constrained execution pipeline:
- Create a complete change preview.
- Claim one human approval idempotently.
- Revalidate the base SHA and every affected file SHA.
- Enforce repository binding, allowed paths, file type, diff size, and action restrictions.
Built With
- cloudflare-workers
- drizzle-orm
- gemini
- github-apps
- langgraph.js
- linear
- model-context-protocol
- node.js
- notion
- octokit
- opentelemetry
- pgvector
- postgresql
- posthog
- sentry
- slack
- slack-app-home
- slack-block-kit
- slack-bolt
- supabase
- typescript
- vertex-ai
- vitest
- workos-authkit
- workos-vault
Log in or sign up for Devpost to join the conversation.