> ## Documentation Index
> Fetch the complete documentation index at: https://docs.voqo.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Workflow Concepts and Safety

> Understand workflow states, trigger token security, and execution model expectations.

## Workflow model

* **Draft**: editable, not externally executable
* **Published**: executable via internal/external triggers
* **Unpublished**: retained configuration, execution disabled

## Trigger token security

* Treat trigger URLs as bearer secrets.
* Never expose token URLs in public docs, screenshots, or client-side logs.
* Rotate tokens if compromised or shared with the wrong party.

## Execution history

* Every trigger should produce an execution record.
* Execution records provide status and debugging context.
* Keep execution review in standard incident process for failed automations.

## Plan and role boundaries

* Workflow access depends on plan entitlement and workspace role.
* Support should verify plan and role before debugging workflow behavior.

## Related docs

* [Build, Publish, and Trigger Workflows](build-publish-and-trigger-workflows)
* [Workflow Troubleshooting](workflow-troubleshooting)
* [Plan and Permission Matrix](../admin/plan-and-permission-matrix)