Skip to content
C
Cordum
Request AccessTalk to Sales
Blog

Approvals for autonomous workflows

How to gate risky actions without slowing the safe path.

Jan 18, 20267 min readApprovals
TL;DR

Approvals are a targeted risk gate. Require them for high-impact actions, bind them to a policy snapshot, and provide the context needed for fast review.

  • - Approvals are a risk gate, not a universal speed bump.
  • - Bind approvals to a policy snapshot and job hash to prevent drift.
  • - Provide enough context so reviewers can approve quickly and safely.
On this page
Approval goals

The goal is not to approve everything. The goal is to stop the risky actions, capture human intent, and keep safe automation moving quickly.

Why approvals matter

Autonomous workflows can change production systems and move data across boundaries. Approvals provide a human gate for high-impact actions, and they make the risk decision explicit.

When approvals are required

  • - Production writes or schema changes.
  • - Network egress or external integrations.
  • - Access to secrets or privileged systems.
  • - High-risk packs or workflows that touch core infrastructure.

Designing a fast approval loop

A good approval loop is tight and predictable. Make the approval request small, include the reason, and allow reviewers to approve or deny in one click. Avoid long queues and hidden context.

Approvals should be bound to a policy snapshot and job hash so a reviewer knows exactly what they are approving. Design for sub-minute approvals when the context is complete.

Incident response walkthrough

Here is a concrete approval loop for a production incident:

  1. 1. Alert triggers the incident-triage workflow.
  2. 2. Triage worker gathers evidence and proposes a remediation step.
  3. 3. Safety Kernel requires approval because risk tags include prod/write.
  4. 4. Reviewer sees the policy reason, constraints, and job hash.
  5. 5. Approval resumes the run and remediation executes within bounds.

What reviewers need to see

  • - Who requested the action and which workflow triggered it.
  • - The matched policy rule and decision reason.
  • - The scope of impact (prod, write, network, secrets).
  • - The constraints that will apply if approved.

Approval request example

An approval request should be compact and explicit. The reviewer should be able to decide in one glance.

{
  "run_id": "run_8f9a",
  "step_id": "remediate",
  "reason": "prod write detected",
  "policy_snapshot": "7f3d...9c2b",
  "risk_tags": ["prod", "write"],
  "constraints": {
    "max_lines_changed": 500,
    "max_runtime_sec": 900
  },
  "requested_by": "workflow.incident-triage"
}

How Cordum handles approvals

Cordum binds approvals to a policy snapshot and job hash, records the approval event in the audit trail, and resumes the run only when conditions are met.

Learn more in the workflow engine docs.

Related posts
AI governance in production: policy-first control planes

A practical guide to AI governance in production: policy checks, approvals, constraints, and audit trails.

Policy-as-code for AI workflows

How to encode AI governance as versioned policy rules with explainable decisions and constraints.

LLM safety kernel: deterministic decisions for risky work

Why a Safety Kernel provides deterministic policy decisions for LLM-driven actions.

Next steps

Request source access to review the approval flow and policy binding, or run the quickstart to see approvals in the run timeline.

Request accessQuickstart