How to build a defensively scoped proposal agent

Most agency operators use AI to write sales copy. That is the wrong play.

The copy in a B2B proposal is rarely what loses the deal. Deals are lost when scoping is vague, exclusions are missed, or the pricing does not align with the real client bottleneck. If you rush the quote, you risk your margin. If you take too long to send it, the client cools down.

The true value of AI in a sales process is not speed or persuasion. It is commercial safety.

We recently designed and deployed a custom Sales Proposal Agent system for a 12-person brand and digital agency in Hong Kong. The goal was to turn custom, high-value proposal creation into a secure, repeatable, and defensively scoped workflow.

This is the exact architecture we built.

A high-value B2B proposal requires different types of reasoning. An agent that tries to draft brand strategy and price complex database structures at the same time will make mistakes.

The system uses a two-layer structure to separate concerns:

The Orchestrator: The `sales-proposal-agent` acts as the single point of entry. It owns the proposal from the early enquiry to the final QA review.

The Workflow: A custom `proposal-assembly` skill that defines the step-by-step assembly process.

The Specialists: Focused sub-agents called by the orchestrator when specific depth is required. The `digital-agent` handles technical assumptions and CMS boundaries, the `brand-agent` owns the strategic narrative, and the `quote-agent` calculates pricing, exclusions, and commercial risk.

This separation of concerns keeps the context window clean and ensures the right specialist handles the right part of the scope.

Generic AI models tend to search the web or make assumptions when they lack information. In a commercial proposal, this is dangerous.

To solve this, the agent is bound to a strict 'source ladder.' It is programmed to check evidence in a specific order:

1. Local files: Client-supplied briefs and documents.

2. Google Drive: Shared documents, spreadsheets, and slides.

3. Notion: Internal project records, meeting notes, and planning history.

4. Quoting software: Approved internal pricing templates and quotation storage.

5. Web search: Only for verifying current public facts or client claims.

The agent is forbidden from moving down the ladder until it has exhausted the previous tier. It must state exactly what it checked and what it skipped.

To prevent blind trust, the agent must output an evidence log at the end of every substantive draft.

This log serves as a checklist for the human reviewer. It shows the exact inputs used to build the proposal:

Evidence log: - Local files checked: [Filename.pdf] - Google Drive checked: [Link to client folder] - Notion checked: [Meeting notes 24/05/2026] - Quoting software checked: [Standard Web Scopes V2] - Web checked: [Client competitor list] - Sub-agents used: [digital-agent, quote-agent] - Sources skipped: [Stripe integration spec - file missing] - Pricing basis: [Approved Day Rates 2026] - Open checks: [CHECK: Confirm if client hosting includes staging server]

If the agent had to make an assumption because a file was missing, it must flag it in the log with a `[CHECK: reason]` tag. The proposal cannot be sent until these tags are resolved by a human.

The most critical part of the workflow runs before any pricing is drafted. The agent uses two custom skills to identify commercial risk.

Pre-quote scoping: Before a partner commits to pricing, the agent reviews the brief to ensure the scope is actually quote-ready. It flags what the client *didn't* mention but will likely expect.

If a client asks for a 'multi-language website' but does not mention content translation, the agent flags this as a risk. It prompts the reviewer to explicitly exclude translation copy from the quote.

Quote quality check: Once the draft is assembled, the agent reviews the quote structure against the agency's historic quotation and invoicing storage. It looks for common loopholes: vague deliverables (e.g. 'product catalogue' without specifying if it is static or has filtering), missing revision boundaries, and unspecified third-party costs (hosting, domains, API licenses).

It then automatically drafts the corresponding exclusion clauses.

The agency did not build this system to replace human judgment. The partners still own the relationship, the strategy, and the final pricing approval.

Instead, the system acts as a defensive shield.

It handles the heavy lifting of organizing the evidence, structuring the options, and checking for commercial risk. The partners can focus their energy on the client's real problem, knowing the back door is locked against scope creep before the contract is even signed.