The Companion runs on your machine — so the action is yours, and the audit trail proves it.
Chrome extension for Phase 2 entry. Tauri desktop app for AS-2-equivalent workloads. One Companion Protocol. Merchant-as-operator-of-record.
EXSEL Companion is a Chrome extension (Phase 2) and Tauri desktop app (AS-2+, Phase 5) that keeps merchant credentials on-device — they never transit EXSEL servers. Companion signs every task command with an orchestrator capability token scoped to adapter, action type, client_id, and expiry. This makes the merchant the operator-of-record for any platform-native UI action, which is the architectural requirement for Walmart Seller Center and Shopify Magic integrations.
What the Companion is, in one paragraph
The Companion is a locally-installed agent that sits between your browser and our orchestrator. It receives capability-scoped task commands (signed by the orchestrator's private key with exact adapter, action type, client id, and expiry) and executes them on your device. Credentials never leave your machine. Every action is recorded with a DOM snapshot and screenshot. You are the operator of record — the Companion is the tool.
Citations: ADR-045 (revised 2026-04-17 PM) · ADR-044 audit log · G47 rule 4.
---
Two clients, one protocol
| Chrome extension | Tauri desktop app | |
|---|---|---|
| Install | Chrome Web Store | macOS / Windows / Linux |
| Requires | Chrome | Any OS |
| Unlocks | AS-0 / AS-1 merchant automation paths | AS-2-equivalent workloads (Phase 5, required) |
| Scope | Browser-tab automation | OS keychain, background persistence, local file ingestion, Safari automation, screen-level audit artifacts |
| Capabilities | Walmart Seller Center critical ACKs, Shopify admin helper tasks, TikTok Shop UI flows where API doesn't cover | All of the above + passive-telemetry (opt-in, ADR-058), desktop notifications |
| Price | $9/mo (add-on SKU) | $9/mo (same SKU — one subscription, either client) |
| Required for | Walmart connector | AS-3/AS-4 tamper-evident audit mode for regulated merchants |
Why we built it (and why we won't take your password)
Several platforms don't provide API access for the actions merchants actually need — Walmart Seller Center critical acknowledgements, some Shopify admin surfaces, TikTok Shop edge cases. The alternatives are:
1. Cloud-based UI automation — we drive a headless browser with your credentials. Bad: scraped credentials on our servers, cross-tenant risk, most platforms treat this as a T&C violation, single-pane-of-glass breach risk. 2. We ask for your platform password. Worse: we can't legally say "we won't keep it" convincingly, and you can't verify. 3. You keep running everything manually. Defeats the point. 4. Companion. You install a signed app on your device. It logs in with your session — the same session you already use. We send capability-scoped commands; it executes them locally. Credentials never leave your device. We log a tamper-evident audit trail of what we asked for.
Option 4 is the only one that lets us say "we never take your password" and mean it architecturally.
---
What "merchant as operator of record" means
Under the Companion architecture, the merchant's account is the actor. Platform logs see the merchant's browser / OS session performing the action. The Companion is a tool — like a macro — that executes commands the merchant's orchestrator signed. No third party (us) is driving the session.
This matters for two reasons:
1. T&C alignment. Platform ToS that prohibit "third-party automation of UI" are not triggered — the Companion runs in merchant context. 2. Audit defensibility. If a platform disputes an action, the audit bundle shows: orchestrator signed command X at time T → Companion received → Companion executed on merchant device with DOM snapshot Y + screenshot Z → platform accepted.
ADR-045 is public; read it if procurement wants the legal analysis.
---
Capability-token model
adapter: the specific task adapter (e.g.walmart.ack-critical-issue.v1)action_type: the exact operation allowed (not a blanket grant)client_id: your merchant idscope: allowed selectors, rate limits, URL allowlistexpiry: seconds-level TTLsignature: orchestrator private key signature
Tamper-evident audit mode (AS-3 / AS-4)
- Every Companion action emits a row to
companionauditlog_v2, hash-chained (each row's hash incorporates the previous). Retro-editing detectable. - Each row includes: signed command, DOM snapshot, screenshot, HTTP response hash, timing.
- Weekly signed evidence bundle — 5-7 MB, exportable, legal-artifact-grade.
- Required for the Walmart connector's sensitive-action paths.
- Included in SLA add-on for AS-3/AS-4 tiers.
Security posture
- Code-signed — Windows EV code-signing + Apple Developer ID notarization (MRR-$20k-gated, ADR-046-v2 §10 rule 4). Until MRR threshold, Companion ships signed by a non-EV cert with a disclaimer.
- Sandboxed — Tauri uses platform-native sandboxes. Chrome extension uses Manifest V3 with minimum permissions.
- No outbound connections except to
orchestrator.exsel.aiover TLS 1.3 + mutual-TLS. - Auto-update behind a feature flag; merchant can disable and pin a version.
- Kill-switch — one click in
/settings/companionsuspends task intake until re-authenticated. - Telemetry — opt-in per ADR-058 (amended). Passive behavioral telemetry dropped the
keyboardcadenceaggregatedsignal per P0.R6 research (GDPR scrutiny cost > signal value).
Install walk-through (linked to Loom)
60-second Loom: 1. Click "Install Companion" from dashboard settings. 2. Browser opens Chrome Web Store (or macOS download). 3. Install + grant scope. 4. Dashboard confirms connection (green dot). 5. First command is a no-op probe — merchant sees the command preview, confirms.
Events: companioninstallstarted, installcompleted, firstprobe_ok.
---
Which platforms require Companion
| Platform | Companion required? | Reason |
|---|---|---|
| Amazon | No | SP-API covers scoped writes |
| Shopify | No | Admin GraphQL covers scoped writes |
| TikTok Shop | No (default) / Yes for edge-cases | Business API + Shop Partner API cover 95%; Companion covers specific UI flows |
| Walmart | Yes | No public API for critical Seller Center ACKs |
| Meta Ads | No | Marketing API covers writes |
| Google Ads | No | Google Ads API v23 covers writes |
| Etsy | No | Public API covers scoped writes |
| eBay | No | Public API covers scoped writes |
| No | Public API covers scoped writes |
Pricing
$9/mo (P-COMP SKU). One subscription covers both the Chrome extension and the Tauri desktop app on the same merchant account. Multi-seat agencies use the Exsel Partner seat tier instead.
Bundles with: any Walmart-tier connector; any AS-3/AS-4 audit-mode AI specialist.
---
Exit-intent drawer
> Before you go — the capability token example.
> One-page PDF showing a signed command + Companion verification. Copy-paste into your security review.
>
> [ you@company.com ]
> [ Send me the sample → ]
---
Close
3 numbered steps: 1. [ Install Chrome extension ] — 30s. 2. [ Run the probe command ] — sees what the scope looks like before you unlock any AI specialist. 3. [ Unlock your first AI specialist ] — when you're ready.
---