What the new Nortinia AI Assistant can do

The Nortinia AI Assistant is a single chat surface that lives inside every Netorigo product (admin, finance, logistics, NIP, storefronts, sales-ai). There is no separate subdomain, no separate login — users find it where they already work. It is tenant-aware, role-aware, MCP-driven, and every in-app action runs through preview-and-confirm.

The 20 actions it performs today

1. Catalog edit — product fields, prices, images updated in the admin UI with preview.
2. Refund initiation — open the refund flow, pick the customer, validate the amount.
3. Entity navigation — "take me to the Kovács Ltd. invoice" → admin URL with params.
4. Knowledge lookup — internal docs, T&C, GDPR snippets cited inline.
5. Invoice creation — finance module: customer + lines + VAT.
6. Bank-tx reconciliation — auto-match suggestion with manual confirm.
7. Logistics waybill open — parcel, recipient, courier service.
8. Stock movement — receive, transfer, write-off inside logistics.
9. Sales pipeline move — deal stage update, owner swap.
10. Quote sending — draft quote + email template suggestion.
11. User RBAC change — role edit (admin role and above only).
12. Audit event lookup — "what did Anna do yesterday in payments?"
13. KPI report — dashboard widget parameterisation and export.
14. Email campaign prep — sales-ai mailer: segment + template.
15. Popup-agent config — storefront chat trigger rules.
16. Brand voice test — content-template generation with sample text.
17. Document search — full-text search over invoices, date + amount filters.
18. Customer touch history — every touch (call, email, support) in one view.
19. Template-based email send — preview, then send.
20. Mobile scan launch — open the QR flow for warehouse staff.

The two things it deliberately will NOT do

1. Financial close sign-off. Quarter-close, year-end, VAT submission final sign-off is always a human action. The assistant prepares, validates, calculates — but it does not press the "close" button. This is a compliance choice, and it is intentional.

2. Tenant deletion. Tearing down a full customer account (data export, GDPR erase, billing wind-down) is strictly behind super_admin UI with a two-person confirm. The assistant can open the request; it cannot complete it.

Provider concealment

To the user the assistant is always "Nortinia Engine". Underneath there is a model mix (OpenAI gpt-5, Anthropic Claude, ElevenLabs voice) — but the surface never names a provider. This is not just marketing: if a user asks in chat "are you GPT-4?", the system politely deflects. Model choice is an operator decision, not a user decision.

Audit attribution

Every action records two identities in the audit trail:

• Actor: ai_assistant:<userId> — who issued the chat prompt
• Origin: mcp:<tool_name> — which MCP tool executed it

This means every mutation (refund, role change, invoice issue) is traceable back to the user prompt that caused it. The bot does not act on its own behalf — it relays.

Preview-and-confirm

Every mutation tool (write, update, delete) runs in two steps:

1. Preview — the tool produces a "this is what will happen" summary (diff-like).
2. Confirm — only after an explicit user "yes" / button click does it run.

This is the default. Power-user roles can opt into auto-confirm for idempotent read-only actions.

What this means day to day

The finance clerk does not click eight menus to issue an invoice — they speak or type one sentence. The warehouse operator does not open a separate scan app — the assistant launches it. The admin does not hunt for the audit URL — they ask, and they get. This is not a chatbot bolted to the side of the product. It is a second interaction layer over every feature.

What is coming next

The next cycle adds three capabilities: scheduled actions (deferred mutations), multi-step workflows (several tools in one flow with human confirms at critical points), and learning feedback (per-tenant prompt tuning from "this was wrong" signals).