The context platform

Billion random sources,
one lens.

LensHub is the data plumbing for AI agents — one place where every doc, ticket, thread, repo, and spreadsheet is classified, scored, and handed to any AI agent over MCP.

Request access See how it works
Self-hosted since Jan 2026/Managed cloud · early access
claude · mcp · lenshub
01 · the problem

Your company's knowledge lives everywhere.

Slack threads. Jira tickets. Confluence pages. GitHub READMEs. Notion docs. Sales playbooks. Finance spreadsheets. None of it reaches your agents.

§ 01
Slack
12,400 threads
§ 02
Jira
3,102 tickets
§ 03
Confluence
847 pages
§ 04
GitHub
64 repos
§ 05
Notion
1,920 docs
§ 06
Google Drive
~∞ files
§ 07
Salesforce
playbooks
§ 08
Zendesk
tickets
§ 09
Figma
specs
§ 10
QuickBooks
records
§ 11
HR system
policies
§ 12
…and 40 more
Silos grow. Answers don't./ 01
02 · before / after

Same question.
Two very different agents.

Watch the same prompt run against an agent without LensHub, and one with it. The work isn't in the model — it's in what the model can see.

claude · standalone0 turns · 0 pastes
user
how does lenshub make sure your data is safe?
assistant
I don't have specific information about "lenshub." Could you share relevant documentation?
pasteREADME.md
# LensHub Context OS for the agent era... Self-hosted, Postgres + pgvector...
assistant
Thanks. Based on the README, it’s self-hosted. But I’d need config files to say more about security posture.
pastedocker-compose.yml + .env.example
services: db: image: postgres:16 ports: ["127.0.0.1:5432:5432"]
assistant
Better. I can now see localhost-only port binding. Still missing auth layer details.
pasteauth.py + settings.py
JWT_ALG = "HS256" JWT_TTL = 3600 JWT_ROTATE_INTERVAL = 3600 CONNECTOR_SCOPES = {"github": "read", ...}
assistant
Rotating HS256 (1h TTL), per-connector OAuth scopes, JWT on every endpoint. Still nothing on encryption at rest or transit.
user
what about encryption at rest, and TLS in transit?
assistant
Nothing in what you've shared confirms storage encryption or TLS config. Paste your db config and ingress/proxy setup?
pastecrypttab + postgres.conf
# /etc/crypttab pgdata UUID=… /etc/keys/pgdata.key luks,cipher=aes-xts-plain64 # postgres.conf ssl = on ssl_cert_file = /etc/ssl/postgres.crt
assistant
LUKS-encrypted volume (AES-XTS-256) at rest, Postgres SSL on. Still missing: ingress TLS termination, internal service-to-service traffic.
pastenginx.conf + ingress.yml
ssl_protocols TLSv1.3; ssl_ciphers HIGH:!aNULL:!MD5; # internal mesh: see service-mesh/README
assistant
TLS 1.3 at the edge, strong ciphers. ⚠ pod-to-pod mesh referenced but not pasted — can't confirm mTLS.
user
forget it, i’ll just go read the docs myself
assistant
OK, putting it together: AES-256 encryption at rest, Postgres + pgvector volume-level. Per-connector read-only OAuth, JWT on every endpoint. Rotating HS256 secret, 1h TTL, CORS locked to allowed origins. Localhost-only port binding, no external calls — data never leaves your VPC.
complete · uncited· no citations · 5 files manually pasted
~22 minof context wrangling
completeanswer · uncited
claude · mcp · lenshub0 sources · idle
user
how does lenshub make sure your data is safe?
tool call
lenshub.search("data safety security", scope="docs+code")
4 sources
docs/SECURITY.mdscore 0.94
api/auth.pyscore 0.91
api/settings.pyscore 0.88
docker-compose.ymlscore 0.82
assistant
SECURITY.md AES-256 encryption at rest, Postgres + pgvector volume-level.
assistant
auth.py Per-connector read-only OAuth, JWT on every endpoint.
assistant
settings.py Rotating HS256 secret, 1h TTL, CORS locked to allowed origins.
assistant
docker-compose.yml Localhost-only port binding, no external calls — data never leaves your VPC.
complete · cited· 4 sources · 0 pastes
feedback loop · activescoring contexts from this answer
docs/SECURITY.mdscore +0.04 → 0.98
api/auth.pyscore +0.02 → 0.93
api/settings.pyconfirmed · no change
docker-compose.ymlscore +0.01 → 0.83
~9 secone tool call
always freshauto re-index
The agent doesn't get smarter. It just gets your context — and it stays current./ 02
03 · the product

The product.
Boring on purpose.

No futuristic mockups — this is the actual UI. A dashboard for context health, a chat for agent-cited answers, and a connector panel that does the boring sync work.

LensHub dashboard showing context counts, agent activity over the last 24 hours, and connector sync status.
DashboardContext health, agent activity, and connector sync — at a glance.
LensHub chat interface — Ask LensHub anything, with answers grounded in the indexed contexts.
Built-in chatAsk the workspace anything. Every answer cites its sources.
04 · use cases

Questions that used to take a week,
answered now.

Case 01
Fill out a cyber-security questionnaire.

LensHub pulls your security policy, audit evidence, incident runbooks, and pen-test results. Your agent fills in 94% of sections automatically.

Before
3 days
manual research + writing
After
35 min
one agent run
Case 02
Write the user manual for v4.2.

The agent reads GitHub release notes, Jira tickets, Figma specs, and existing docs — producing a structured draft ready for review.

Before
2 weeks
engineer + writer
After
1 day
review + polish
Case 03
Why did Q1 renewals miss target?

Connect Salesforce, Slack CS channels, Jira, and the renewal playbook. Get a root-cause analysis with evidence, not opinions.

Before
4 meetings
cross-team alignment
After
1 prompt
cited answer in 9 sec
05 · how you use it

One context layer.
Four ways to reach it.

Way 01
CLI agents
claude · gemini · cursor · codex

Add LensHub as an MCP server with one command. Works with any agent that supports the Model Context Protocol.

$ claude mcp add --transport http lenshub https://lh.acme.co
✓ connected · 18 tools · 4,812 contexts
> why did renewals miss target?
lenshub.search → 6 sources · cited
Way 02
Custom GPTs
chatgpt · claude desktop · custom GPTs

Drop the OpenAPI schema into your Custom GPT action config. Works with any OpenAI-compatible tool-calling setup.

openapi: 3.1.0
servers:
- url: https://lh.acme.co
paths:
/search: { get: { operationId: search } }
# paste into Custom GPT → Actions schema
Way 03
Built-in chat
lenshub.app · zero setup

Use the LensHub chat UI directly — no agent setup required. Ask questions, get cited answers from all your connected sources.

Why did Q1 renewals miss target?
Three factors: API latency spikes in Feb [github], playbook gaps on expansion [notion], and churn signals not escalated [slack].
api-gateway#441renewal-playbook#cs-churn
Way 04
Autonomous agents
background workers · cron · workflows

Connect LensHub to n8n, Zapier, or your own agent runner. Schedule daily briefings, alerts, and digests.

agent:
name: daily-briefing
schedule: "0 8 * * 1-5"
tools:
- lenshub.search
- lenshub.digest
output: slack:#leadership
06 · context OS

Not a search box.
An operating system for context.

Every other “AI knowledge” tool just indexes your docs. LensHub is the layer your whole org runs its context through — with the rules, structure, and observability a production system needs.

SOURCESCONTEXT · OSAGENTSLensHubCONTEXT · OSclassify · embed · scoreversion · audit · serveSlackchannels · threadsNotiondocs · wikisGitHubrepos · issuesJiratickets · sprintsDrivedocs · sheetsSalesforceCRM · accountsClaudeclaude code · desktopChatGPTcustom GPTsCursoreditor agentYour agentsbackground workersEVERYTHING IN · ONE LENS · ANYTHING OUT
07 · features

Built for production.
Not just demos.

01
Health scoring
Every context has a live health score. Stale, contradictory, or low-signal sources are flagged before they reach your agents.
02
Feedback loops
Every agent response traces back to a context. Confirmations boost, contradictions flag — the graph gets smarter with every query.
03
MCP-native
One endpoint. Every MCP-aware agent can connect with a single command. No SDK, no custom integration.
04
Self-hosted or Managed
Runs entirely in your VPC. Postgres + pgvector, no external calls.
08 · connectors

18 connectors.
One sync.

GitHub
GitLab
Bitbucket
Jira
Linear
Asana
Confluence
Notion
Google Drive
Dropbox
Slack
Discord
Salesforce
HubSpot
Zendesk
Intercom
QuickBooks
Custom / S3
Need another?
Ask us — new connector in ~1 week.
09 · pricing

Self-host today.
Managed when you're ready.

The self-hosted version has been running in production since January 2026. Move to managed when you want someone else to handle the infra.

Tier 01
Hobby
Individual / eval
$0free
  • 1k contexts
  • 100 memories
  • 5k queries / mo
Starting Q4 2026
Tier 02
Most popular
Pro
Small team
$199/mo · per workspace
  • 50k contexts
  • 10k memories
  • 100k queries / mo
  • All connectors
  • 10 human users
Tier 03
Business
Growing eng org
$799/mo · per workspace
  • 500k contexts
  • 100k memories
  • 1M queries / mo
  • SSO
  • Unlimited users
Tier 04
Enterprise
Real enterprise
Custom~$2k–10k / mo
  • Unlimited everything
  • Audit logs
  • DPA
  • Dedicated CSM
10 · FAQ

Questions, answered.

How is this different from just using RAG or a vector database?

A vector database stores embeddings — it doesn't know which sources are stale, contradictory, or out of scope for the requesting user. LensHub adds health scoring, access control, deduplication, feedback loops, and versioning on top of the retrieval layer. You get production-grade context, not just search.

Does LensHub see our data?

Self-hosted: never. Everything runs in your VPC — your data never leaves. Managed: data is processed in your dedicated tenant. We will never train on your data.

How do you guarantee an agent doesn't leak data a user shouldn't see?

Permissions are enforced at four layers. (1) ACL mirroring: when we sync a source we ingest its permission metadata alongside the content — page restrictions, channel membership, repo collaborators, sharing scopes — and store it as a separate source-of-truth ACL graph. (2) Query-time enforcement: every search and agent query carries the requesting user's identity; we resolve their effective permissions across all connected sources and filter results before they leave the database. If a user can't see a Confluence page directly, neither can their agent. (3) Audit-ready logging: every retrieval is logged with user, agent, query, returned context IDs, and timestamp — exportable to your SIEM (Splunk, Datadog, S3). (4) Continuous reconciliation: ACL changes propagate within minutes, not on the next full sync — revoke someone's Notion access and their agent loses it before their next query.

Where does my data live, who can access it, and what happens when we leave?

Where it lives: self-hosted means your data never leaves your VPC. Managed runs in your chosen region (US or EU), encrypted at rest with AES-256 and in transit with TLS 1.3, with separate encryption keys per tenant. Who can access it: self-hosted, only your team. Managed: no LensHub employee has standing access — production access requires a JIT approval flow with two-person sign-off, fully audited. What happens when you leave: full data export at any time — every context, version, memory, and audit log in a documented JSON/SQL format. After cancellation, all customer data is purged within 30 days with a cryptographic deletion certificate signed by our SRE team. No exit fees, no proprietary formats, no lock-in.

Which agents does it work with?

Any agent that supports the Model Context Protocol (MCP) — Claude, Claude Code, Cursor, Windsurf — or the OpenAI Actions schema (ChatGPT, Custom GPTs). The REST API works with anything else.

How long does setup take?

The self-hosted version deploys in about 20 minutes with Docker Compose. Managed onboarding takes a short call to configure your connectors and access scopes. Most teams have their first agent query working within an hour.

11 · next

Billion random sources,
one lens.

LensHub has been running in self-hosted setups since January 2026. We're now opening up a public managed service — sign up to be among the first to try it.

Self-host available today/Managed cloud · early access