VaultHelm
AI that builds forward, not from scratch.
v0.19.2 — production. 24 documented behavioral rules. 6 surfaces, one identity. Built in 18 days.
vaulthelm.com
Every commercial AI product treats your tenth session like your first.
Re-explain every session
You re-explain your business, your clients, your conventions — every time. The AI starts at zero. You do the work of being its memory.
Same catch, last week
The AI catches the same mistake it caught last week. Because it didn't remember the catch. The correction evaporated at session end.
You become the bottleneck
You become the AI's memory. The AI becomes the bottleneck. Every productivity gain you expected gets taxed back in re-orientation overhead.
This is the entire industry's failure mode.
It's not a memory bug. It's an architecture choice.
Why vendors built it this way
Every commercial AI vendor optimizes for breadth — millions of users, no per-customer state, infinite cold-starts. That works for casual use. It collapses for high-context work where every operator has decades of conventions, clients, and accumulated judgment the AI needs to know before the first useful response.
Why vendor memory APIs don't fix it
Vendor memory APIs paper over the gap. They store opaque snippets and hope the model retrieves the right ones. They are NOT operator-readable, NOT operator-editable, NOT searchable with grep, and NOT yours when you leave the vendor.

VaultHelm flips the default. Memory is operator-owned. The framework rides on top.
VaultHelm = Vault + Helm
VAULT
Your data, your hardware, plain markdown. Every fact searchable. Every change tracked. Operator-readable, operator-editable. No vendor memory black box. Backed up however you back up.
  • Git-tracked, grep-searchable
  • Yours when you leave any vendor
  • No opaque retrieval — you see everything
HELM
The steering layer that learns your work. Boot gate. Behavioral calibration. Self-policing discipline mechanisms. Multi-surface identity continuity. Always grounded in the vault.
  • 24 DELTAs loaded at every session start
  • Doctrine file governs behavior across surfaces
  • Trust tiers per surface type
One identity across every surface — CLI, browser, voice, partner deployment. First session is slow. Session ten is fast — because it isn't asking what it already knows.
24 documented behavioral corrections. Loaded at every boot.
When the AI gets something wrong, the operator corrects it. The correction becomes a structured rule named DELTA-NNN — filed in the calibration file, loaded at every session start on every surface. The system literally cannot make the same mistake twice.
DELTA-007  Scope Colors
GREEN: execute freely. YELLOW: announce-and-proceed.
RED: gate to operator. Inviolable.

DELTA-013  Preflight Blocker Scan
Before any architectural work, scan dashboard +
lessons + recaps for active blockers. Surface them
in the FIRST operator exchange.

DELTA-017  Backup-First, All Surfaces
Any non-vault production write must enumerate the
backup path before proceeding. Required output format.

ChatGPT doesn't have these. Claude doesn't have these. Copilot doesn't have these. We have them because we filed every operator correction as a permanent rule.
Local LLMs propose. Gateway AI ratifies. The vault stays clean.
Why two tiers?
Local models hallucinate at higher rates than gateway models. That's a known constraint. We turned it into structure: local surfaces can READ the vault freely, but WRITES route through a queue the gateway model reviews.
What happens to bad suggestions?
Bad suggestions get rejected with a calibration note. Good ones land cleanly. The vault never carries hallucinated content. The queue is operator-visible at any time.
Operator-owned memory has a cost: curation discipline. We built the AI to carry 80% of it.
Vault-as-memory drifts without maintenance. Indexes go stale. Wikilinks break. Recaps don't get filed. Old decisions contradict new ones. Without discipline, the operator burns out filing — and the system collapses back to vendor-memory.
AUTO-CURATION TRIGGERS (14 catalogued, 7 shipped):

CURATION-001  Session-end recap check
CURATION-003  Inbox drain (T1 captures → filed)
CURATION-004  Recap-drift scan at boot
CURATION-009  DELTA schema validation
CURATION-010  Wikilink resolution
CURATION-011  MEMORY.md path drift
CURATION-014  Per-device memory mirror

Each trigger: signal + threshold + cooldown.
Reversible by design (audit log + backup + rollback).
Tier-respecting (T1 stages, T2 executes low-stakes).
Target: ~80% AI-borne discipline tax. Operator handles the 20% that requires judgment.
AI as Executive Officer. Operator as Commanding Officer.
Most AI "agents" are either fully autonomous (risky) or per-action approval (slow). VaultHelm uses a third model: scoped delegation.
The Pattern
- Operator (CO) delegates scoped ownership to AI (XO)
- "You are Captain of [system X] for [timeframe Y]"
- XO files a captain brief: what, why, success criteria
- XO operates within standing orders (DELTAs, doctrine)
- XO reports up at natural breakpoints (not per action)
- XO surfaces emerging risks proactively
- XO returns scope on completion phrase
- Default captaincy resumes
Worked Example
CAPTAINCY: 7-hour autonomous session
Hardware build — single operator session:

- PSU swap (1500W upgrade)
- Second GPU install (dual-card verified)
- Monitoring agent deployed
- Telemetry instrumented
- 9 inference models pulled + validated
- ~30 vault files updated
- Zero approval-fatigue. Clean scope return.

This is the level of trust delegation no commercial AI product implements.
One AI identity across every surface. Trust capital transfers.
Most operators using AI today maintain four chatbots — ChatGPT for one thing, Claude for another, Copilot for code, a local LLM for private work. Each starts at zero context. Each has its own quirks. Each has to be calibrated separately.
CLI
Claude API
BROWSER
Local LLM
VOICE
Hardware device
CRT TERMINAL
Retro surface
PARTNER
External deploy
BG SERVICES
Async automation
Capabilities differ per surface. Identity does not. Trust earned in one conversation transfers to all of them.
First external operator deployed. Day +1 numbers.
6
DELTAs filed — Day 1
Calibration tightened in real-time as the operator caught the first class of regressions
3
Deliverables shipped
Intake form + audience segments — same day, production quality
8,674
Targeted leads queued
Production outreach work. Not a demo. Real campaign data.
30min
Capability → throughput
From "tool capability missing" to "deliverable shipped"
18
Days to build
Zero to multi-operator, multi-surface production framework
9.2
Independent review score
"Production-grade infrastructure" — independent architecture reviewer
This is one operator's first day. The framework was three weeks old.
What VaultHelm did tonight, in one operator session:
20:00  Browser-chat AI hallucinated competitive pricing
20:02  Operator caught it, directed: "fix it"
20:18  AI filed structured rule (DELTA-019)
       Forbidden: dollar amounts, market sizing,
       "no one has done this" — without citation chain.
20:30  AI registered vaulthelm.com via DNS API
       (built credential-safe Python wrapper after
       gate caught initial URL-leak attempt)
20:45  AI generated this pitch deck via API
21:05  vaulthelm.com pointed at deck. Live.

It caught the failure, fixed the rule, launched the domain, and shipped the deck — all in one session.
VaultHelm is for the four-trait operator.
Field-Ops Background
Decisions under uncertainty. Comfortable with incomplete information. Operates without hand-holding.
Self-Motivated
No manager calibration needed. Sets own bar. Holds own standard. Doesn't need the system to tell them what good looks like.
Pattern-Thinker
Sees system structure across domains. Recognizes when the same problem has three names in three departments.
High Cognitive Tempo
Parallel threads, fast context switches. The framework is designed to keep up — not slow down — the operator.
If you're the median knowledge worker, you need Asana or Notion. Operator-fit screening is part of the product. The framework only delivers value when calibrated to an operator who already has a quality bar.
Six surfaces. One identity. One vault.
All surfaces share one calibration. All preserve one chronicle. The vault is the single source of truth — readable, editable, and searchable by the operator at any time.
The moat is uncopyable.
1
Accumulated Calibration
24 DELTAs took 18 days of one operator catching one regression at a time. A competitor cloning the codebase still has zero DELTAs. The work that matters lives in the operator-AI relationship history — not the code.
2
Working-Relationship Substrate
Trust capital that compounds. The AI knows what you've already asked, what you decided, what worked, what didn't. New operator on stolen code starts at zero trust. They live the same 18 days you did.
3
Operator-Fit Screening
VaultHelm explicitly excludes the median market. Selling to the wrong operator is the failure mode — and we documented why. A competitor scaling horizontally hits the same wall we avoided.
4
Managed-Tier Operations
Hosted memory, ongoing curation, captaincy support. Operational labor, not just code. Code can be open. Operations are paid. This is where the recurring margin lives.
We open-source the framework under Business Source License and compete on operations.
Three independent architecture reviews. Convergent verdict.
"Production-grade infrastructure, not an experiment. The 'one identity, many surfaces, shared doctrine + per-operator calibration' model is elegant and scalable."
— Independent architecture reviewer, May 2026
1
Round 1 — v0.9.0
8.5–9.0 / 10
First full architecture pass. Core identity model validated. Open concerns: curation discipline, surface trust model.
2
Round 2 — v0.14.0
9.0–9.5 / 10
Trust tier architecture validated. Auto-curation framework reviewed. One concern class closed.
3
Round 3 — v0.18.3
9.2–9.5 / 10
Ready for broader beta and monetization. v1.0 declaration window: 30 days from current ship.
Three tiers. Calibration is the value.

You don't pay for the framework. You pay for the calibration window where we make the AI yours. After 30 days, it's compounding for you.
Best way to see it is live.
Show me a problem your team has solved twice. I'll show you the AI catching the third one before it happens. Twenty minutes from question to deliverable, on your data, in your voice, with your conventions.
info@vaulthelm.com
vaulthelm.com