Top Builder AI for Procore
Eight self-learning agents that turn your Procore project, financial, and document data into deterministic, audited recommendations, and, only when you approve, into reversible actions. This guide explains exactly what the app does, which Procore tools each agent reads, how to install it, and how your data is handled.
Read-only by default ยท per-tenant isolated ยท advisory-firstOAuth 2.0. You authorize the app from Procore. No passwords are shared with us.
Read-only. Any write-back is propose, approve, execute, audited and reversible.
01 What “Top Builder AI for Procore” does
Top Builder AI is the AI back office for contractors. It connects to the platform that runs your shop, here, Procore, reads the relevant project, financial, and document data, and runs eight advisory agents over it. Procore stays your system of record; we never replace its project-management workflows, we run the analysis it was not built to do.
Every figure the agents produce, every dollar, hour, and gap, is computed by deterministic, unit-tested code. The language model only writes the human-readable explanation; it never computes a number (our “figure firewall,” see ยง5). So the recommendations are exact, auditable, and reproducible.
The eight agents
- ๐ Booking ยท 24/7, qualifies, slots, and values inbound demand, including after-hours, and learns your booking rules.
- ๐ Dispatch / Routing, drive-time-optimized field assignments that also weigh margin, parts, and overtime, one shared brain, not one isolated calendar.
- ๐ต Financial, projects 30/60/90-day cash and flags margin leakage the day it appears, not at month-end.
- ๐ฆ Inventory, reorder points, shrinkage alerts, unbilled materials, and vendor-arbitrage savings.
- ๐ท Workforce, forecasts understaffing and avoidable overtime a week out, by trade and crew.
- ๐ Documents, classifies, extracts, and routes every inbound document to the right project, contact, and folder.
- ๐ณ Collections, works your A/R aging worklist around the clock, drafts dunning email, SMS, and call scripts, and tracks every promise-to-pay.
- ๐ท๏ธ Pricebook, keeps your materials and vendor costs current as vendor prices change, and re-prices affected items for human approval, so estimates and budgets never quote a stale cost.
The agents are advisory by default: each one proposes, and a person on your team reviews and approves. Each agent can be set to Off, Approve-first, or Auto, with a full audit trail and undo on every action. They also self-learn from your approvals and edits, per tenant, isolated to your account, so the wording and judgment improve over time while the math stays fixed.
02 Exactly which Procore tools each agent reads
The app requests the minimum read scopes each agent needs. Every row below is read access; nothing in this table writes to Procore. (Write-back, when you enable it, is covered in ยง3.)
Across all agents, the app reads from Procore’s Project Management (Projects, Schedule, RFIs, Submittals, Drawings, Daily Log, Directory / Contacts, Correspondence), Project Financials (Budget, Prime Contracts, Commitments / POs, Change Orders, Direct Costs, Invoicing, Forecasting), Field Productivity (Daily Logs, Timesheets, Crews, Production Quantities), and the Documents tool. You grant access during the OAuth consent step (ยง3) and can revoke it at any time from Procore.
03 How to install, the OAuth consent flow
Installation is a standard OAuth 2.0 authorize-and-consent flow. You stay in control: you authorize the app from Procore, and Procore, not us, issues the access token. We never see or store your Procore password.
Start the connection
From your Top Builder AI Command Center, choose Procore as your platform and click Connect. (Or install from the Procore Marketplace listing.) You are redirected to Procore to sign in.
Review & authorize on Procore
Procore shows you exactly which tools the app is requesting, the read scopes in ยง2. You review them and authorize. If you are a company admin, you can scope which projects the app may read.
Token is issued back to us
Procore returns an authorization code to our callback; we exchange it for an access token and a refresh token, which are encrypted at rest (AES-256-GCM) in a per-tenant vault. No passwords are stored.
Read & advise, read-only by default
The agents begin reading the data above and surfacing recommendations in your dashboard. Nothing is written back to Procore. You see value before anything changes.
Approve write-back when you’re ready (optional)
If you later enable a write action, it runs through the gate below, never automatically.
Write-back is always propose, approve, execute
Write-back is off by default and behind a master switch. When enabled, every action is proposed by an agent, approved by an authorized human, executed idempotently, written to an append-only audit log, and reversible (with a compensating undo). A per-agent autonomy setting (Off / Approve-first / Auto) governs this and defaults to human-in-the-loop. We never auto-apply a financial, pricing, or document change from model output.
You can revoke the app’s access at any time from Procore. On revocation or offboarding, the stored tokens are invalidated and your data is deleted on request (ยง5).
04 What data we access
We access only the Procore data the agents need to compute their recommendations, the read scopes listed in ยง2. Concretely, that is your project data (projects, schedule, RFIs, submittals, daily logs, directory / contacts), your financial data (budgets, prime contracts, commitments / POs, change orders, direct costs, invoicing, forecasting), your field productivity data (timesheets, crews, production quantities), and your documents.
- Read-only by default. The app reads this data to analyze it; it does not write to Procore unless you explicitly enable a write action through the approval gate (ยง3).
- Per-tenant isolated. Your data lives in our database isolated to your account by Postgres Row-Level Security (RLS, enforced, not advisory). We do not pool, aggregate, or share insights across customers. One tenant’s data, and any learned rules, can never reach another tenant.
- Minimum necessary. We request the least access each agent needs, and you scope which projects the app may read during consent.
- No bulk export, no migration. The app does not bulk-export your Procore data and does not migrate Procore to a separate system of record. Procore remains your system of record.
05 Security & AI handling
Every tenant table enforces Postgres Row-Level Security with FORCE; the app connects as a non-superuser role, so isolation is enforced by the database, not trusted to the application. Cross-tenant reads fail closed, and isolation is proven by automated two-tenant tests.
Credentials and tokens are encrypted with AES-256-GCM in a per-tenant vault; data at rest is AES-256 encrypted. Secrets are held in a managed secret store, never in source.
All traffic is served over TLS 1.2 or higher. US-only processing and storage; no offshore processing of customer data.
Every business number comes from deterministic, unit-tested code (ADR-0003). The language model only narrates results that were already computed; it can never invent, recompute, or shape a figure. The math stays exact and auditable.
The LLM (Anthropic’s commercial API) is used for inference only and is stateless per request. Procore data is not used to train or fine-tune any model. Our self-learning is per-tenant retrieval over our own database, recommendation, not model training, and it too can never touch a figure.
The model retains nothing between requests. We hold operating data in our RLS-isolated database; a tenant’s data can be purged on request, and all data is deleted on offboarding. Audit trails are append-only.
More detail: our security & vulnerability-disclosure policy and our public commitments on the privacy page. A machine-readable security contact is published at /.well-known/security.txt.
06 Support & legal
Questions about installing, configuring, or using the Procore integration, or anything about your data, go straight to a human.
- Support & security: support@topbuilderai.com
- Privacy policy: topbuilderai.com/privacy
- Terms of service: topbuilderai.com/terms
- Security & disclosure: topbuilderai.com/security
Top Builder AI is operated by Salisbury Bookkeeping, LLC (Utah, USA). Advisory outputs are decision-support and do not replace your CPA’s professional judgment.
Ready to connect Procore?
Authorize the app from Procore in a few minutes, read-only to start, so you see the recommendations before anything ever writes back. Or talk it through with the developer first.