Business rules that run, not rot
Flow is a language for writing, reviewing, and running business decisions as plain text. One file. Executable. Versioned. Auditable.
Business logic lives in too many places
Documents say one thing. Code does another. The real rules live in someone's head. When that person leaves, the rules leave with them.
The document
A Notion doc describes the process. It was accurate six months ago. Nobody has updated it since the last three changes went live.
The code
An engineer translated the doc into Python. It's been patched twice. The patches aren't in the doc. Only the engineer knows what it actually does.
The Slack message
The ops lead clarified an edge case in a thread last quarter. It never made it into the doc or the code. It lives in Slack search.
The AI agent
An AI model scores fraud risk, but the confidence thresholds and escalation rules are buried in the codebase. No one outside engineering knows when transactions get blocked.
The document becomes the execution
A .flow file is simultaneously a process document anyone can read and an executable program that runs the same way every time.
# The Notion doc says: "Block transactions over $5,000. Flag anything the AI scores above 70%." # The Python code says: if txn["amount"] > 10000: # was 5000 raise FraudBlock("high_value") if ai_score > 0.75: # changed in PR #891 flag_for_review(txn) # The Slack thread says: "We raised the threshold to 10k last month after too many false positives" # Nobody knows which rules are live.
services: RiskScorer is an AI using "anthropic/claude-sonnet" FraudOps is a webhook at "https://hooks.slack.com/..." step Decision: ask RiskScorer to analyze this transaction save the result as assessment save the confidence as ai-confidence if combined-score is above 75: set decision to "block" otherwise if combined-score is above 40: set decision to "review" notify fraud team using FraudOps # This file IS the rule. # It runs. It's versioned. It's reviewable.
Prove how your decisions work
Six properties, each earned by design — not bolted on after the fact.
Readable by anyone
A compliance officer, an ops lead, or a regulator can read a .flow file and understand exactly what the system does. No engineering degree required.
Executable as written
The same file that documents the process runs in production. The specification is the implementation. They can't drift apart.
Auditable by default
Every execution produces a structured log. Every change lives in Git with full attribution. You don't prepare for audits — you're always ready.
AI, governed
AI is a named participant with explicit instructions, confidence thresholds, and fallback rules — all visible in the file. Not a black box.
Secure by design
Seven constructs. No imports, no shell commands, no filesystem access. A .flow file can only do what it explicitly declares. The blast radius is contained.
You own the file
Plain text in your Git repo. No platform dependency. No vendor lock-in. No subscription required to read your own business logic.
Each team does what they're best at
Flow doesn't replace engineers. It frees them. The ops team owns the logic. Engineers own the infrastructure.
Write and own the rules
Ops teams write and maintain .flow files. When a process changes, they change the file. No Jira ticket. No waiting for a sprint. The people who understand the process own the process.
Build services, review logic
Engineers build the APIs and connectors that Flow calls. They review .flow files in pull requests like any other code. They stop being bottlenecked by business logic changes.
Read the actual rules
When an auditor asks "how do you make this decision?" — hand them the .flow file. They can read it. Try handing them 400 lines of Python.
Not another automation tool
Flow doesn't compete with Zapier for simple automations or with Python for general programming. Flow governs the decisions that matter.
| Capability | Flow | AI Agent Platforms | Zapier / n8n | Python | Documents |
|---|---|---|---|---|---|
| Non-engineer can read it | Yes | Varies | Partially | No | Yes |
| Actually executes | Yes | Yes | Yes | Yes | No |
| Deterministic logic | Yes | No | Yes | Yes | N/A |
| Meaningful diffs in Git | Yes | No | No | Yes | No |
| AI as governed participant | Yes | Partial | No | Manual | No |
| Built-in audit trail | Yes | Varies | Partial | Manual | No |
| No platform dependency | Yes | No | No | Yes | Yes |
| Blast radius containment | Yes | No | No | No | N/A |
One line changed. One line reviewed.
When a policy changes, the diff tells the whole story. No 200-line JSON blob. No "what did that node change do?" Just plain text, reviewed in a pull request.
Where decisions are consequential
Flow is for organizations where business decisions affect people's money, health, safety, or access — and where proving how those decisions work isn't optional.
Financial Services
Lending decisions, KYC, fraud detection, compliance reporting
Healthcare
Patient triage, referral routing, treatment authorization
Insurance
Claims processing, underwriting rules, risk assessment
Logistics
Delivery routing, exception handling, carrier selection
Trust & Safety
Content moderation, user risk scoring, escalation policies
E-Commerce
Order processing, refund rules, seller verification
From file to execution in seconds
Write a .flow file. Check it. Run it. That's it.
Give your business logic
a single source of truth
If it's in Flow, it's a real rule.
If it's not, it's just a suggestion.