Approval gates

Why approval gates exist

Some actions are reversible (drafting a note, summarising a thread) and some aren’t (sending a customer reply, deleting a record, refunding a charge). For the irreversible ones, AgentTeams uses approval gates: the agent prepares the action, surfaces it for review, and a human approves before anything leaves the building.

We don’t use the older “supervised mode” / “autonomous mode” framing where you opt-in once and forget. Approval gates are per action: the gate fires only on actions that genuinely need oversight, and the rest run end to end without you in the loop.

How a proposal works

When an agent decides an action needs approval, it creates a proposal instead of taking the action directly. The proposal lands in two places:

• The agent’s chat thread, so whoever was talking to it sees the proposed text and can approve or edit inline.
• A Tasks to review section at the top of the Tasks page, so nothing slips when nobody’s watching the chat.

Each proposal contains:

• What the agent wants to do, in plain language.
• The exact payload it’ll send (the message text, the tool call, the resource it’s modifying).
• Why it thinks this is the right action, drawn from the task and the context it gathered.

You can Approve (it runs as-is), Edit (modify the payload, then approve), or Dismiss (it doesn’t run, and the agent remembers you said no).

Which actions are gated

Out of the box, approval gates fire on:

• Customer-facing replies. Help Scout ticket replies, Gmail emails to external recipients.
• Destructive operations. Deleting a record, changing permissions, archiving a thread.
• Financial actions. Refunds, invoice modifications, anything that touches money.
• Anything you explicitly mark. An agent’s directives can declare extra cases that should always need approval (“flag for human review any message to a customer on the Enterprise plan”).

Internal operations (reading messages, drafting notes for yourself, replying to internal teammates) run without gates by default. You can tighten this per agent or per team if you want a stricter policy.

The audit log

Every approval, every dismissal, every action the agent takes lands in the Activity log (sidebar → Activity). Each entry records:

• What the agent did (or proposed)
• Who approved or dismissed it (if a human was in the loop)
• When, and from where (dashboard, Slack, email)
• The full payload, expandable inline

The audit log is append-only and retained for the duration of your subscription. It’s the canonical record of what the agent did and why, useful for incident review, compliance, and just remembering what the team got done last week.

“Approved by” attribution

Every gated action carries an “approved by” field with the human’s name. This shows up on the action’s artifact (the Slack message footer, the Help Scout internal note, the audit log row), so when a customer or teammate asks “who sent this?” the answer is both the agent and the human who signed off.

Bulk approval

For repetitive proposals (a batch of replies during a triage session, a queue of refund approvals after a billing incident), you can select multiple proposals and approve them in one click. Each one still gets its own audit log entry; the bulk action is just a shortcut, not a different code path.

Related

• Tasks & schedules — how PM proposals work
• Agents & teams — directives that add or remove gates
• Reactions — what wakes the agent up to consider an action