Skip to main content

How Endpoint Care works

Every user IT request follows the same lifecycle:
  1. Understand - the employee types a request (or clicks a quick action). The agent interprets the intent and selects the matching skill. If nothing matches, the run becomes a triage run.
  2. Plan - the agent reads the skill and produces an explicit, ordered plan of tool calls for this specific goal.
  3. Check - the plan passes through the guardrail pipeline: intent screening, plan validation against the skill’s allowed tools, and central policy evaluation.
  4. Execute - steps run one at a time on the device. Diagnostic steps are read-only. Corrective steps pause at gates: a preview of exactly what will change, and a consent prompt the user must approve.
  5. Verify and report - the agent confirms the outcome (including asking the user), then produces a summary. Every run, resolved or not, is recorded as a ticket with the full diagnostic trail.

Major components

  • Desktop agent - the app is on each computer: chat UI, local diagnostics and fixes, enforced guardrails. Installs with one command.
  • Skills - natural-language playbooks, one per problem type (disk cleanup, email repair, VPN). Each defines its steps and allowed tools. IT can add custom skills and toggle any skill from the cloud.
  • Tools - deterministic, code-reviewed functions that do the actual work (scan disk, flush DNS, repair keychain). The AI chooses which to use; it never runs raw commands.
  • Guardrails - the checks between request and action: intent screening, plan validation, policy, and per-step consent and previews. Enforced by the system, not the model.
  • Triage - the safety net. Unresolvable issues are diagnosed, categorized, and routed with evidence. No request dead-ends.
  • Cloud console - central skill management, policy, analytics, and audit.
  • Integrations - ticketing systems, plus Slack and Teams entry points.

Terminology

TermDefinition
SkillA natural-language playbook for one class of problem. Defines when to run, the steps, the allowed tools, and edge-case handling.
ToolA deterministic, code-reviewed function that performs one action on the endpoint. Tools carry risk metadata (risk level, destructive or not, consent required). Skills reference tools; they are never the same thing.
RunOne end-to-end execution: request, plan, gated execution, verification, and report.
PlanThe explicit, ordered list of tool steps the agent generates from a skill for a specific request, before anything executes.
GateA point where execution pauses for a human. Types: consent (approve a risky action), preview (see exactly what would change before it does), acknowledgment (confirm an out-of-band step is done), and intake form (provide structured details).
Allowed toolsThe fixed list of tools a skill may use. The agent cannot reach outside it.
Risk levelA tool’s declared impact rating. Higher risk triggers stronger gating.
TriageThe fallback flow for issues no skill can fix: diagnose, categorize, prioritize, and route with evidence.
ResolutionA run whose fix was confirmed, by verification or by the user.
EscalationA run handed to IT with the diagnostic bundle attached, either because triage routed it or because fixes did not resolve it.
Diagnostic bundleThe device evidence attached to a ticket: device context, relevant diagnostics captured at the moment of the problem, steps already taken, and the conversation.
Quick action (pill)A one-click shortcut in the chat UI that starts a common skill (“Fix Email”, “Free up space”).
Audit trailThe complete cloud-side record of a run: the plan, every gate decision, every tool result, and the outcome.