Tools & Mini-apps
The Tools area hosts a marketplace of utilities, each governed by per-tool permissions. There are three kinds of tools.
Native tools
Native tools run inside PilotBPM with no setup. Today's set includes:
- Invoice Stamper — batch-stamp invoices with an approval mark, date, and initials, then copy or download the log.
- CSV Cleaner — trim, de-dupe, drop empty rows, and normalize headers, then export clean CSV.
- Markdown Converter — turn pasted text into tidy PilotBPM markdown.
No-code tools
No-code tools are built from a simple declarative recipe — a set of input fields plus a safe transform pipeline (templates, find-and-replace, case changes, line tidy-ups). They run entirely in your browser and never execute code, so they're inherently safe. The seeded Letter Composer is an example.
GitHub applets (sandboxed)
Need something custom? A vetted GitHub repo can be published as an applet. Applets are held to a strict security model:
- The platform team pins the repo to an immutable commit, validates its
pilot-applet.jsonmanifest, and confirms every file is a static asset — no build steps or server code ever run. - The applet loads in a sandboxed iframe on an isolated origin with no access to your cookies, session, or page.
- It can only reach data through a permissioned bridge: each request is re-checked against the exact scopes an admin approved (e.g. read current user, access the selected document). Anything else is refused.
Requesting an app
If your team wants a specific GitHub tool, a tenant admin can Request an app from the marketplace. It goes to the PilotBPM team to vet, test, and — if approved — sandbox and publish.
How to configure
- Browse the marketplace, install a tool, and approve its requested permissions; employees can then launch it.
- Tool availability is governed by your plan and the platform admin's enabled modules matrix.
- Tenant admins toggle optional modules in Admin → Modules. Integration settings (storage/S3, SharePoint) live under Admin → Integrations.