Human-Gate Loop
Work proceeds autonomously until it reaches a consequence threshold, where it stops and presents state, options, and a recommendation for human approval before continuing.
When to use
Deploys, spends, deletions, publishing, and any action whose reversal cost exceeds the approval cost.
Steps
| Step | What happens | Verification |
|---|---|---|
| Work to gate | Execute normally until an action matches the gate policy. | Gate policy is written and enumerable; matching is mechanical, not judgment. |
| Present | Stop; surface state, the proposed action, blast radius, and alternatives. | Presentation sufficient for a cold decision: tested against a reader with no session context. |
| Proceed on approval | Execute the approved action; log the approval with the actor. | Approval recorded before execution, in the audit trail. |
Specification
| Verification method | The gate policy plus the approval log; auditable by construction. |
|---|---|
| Recovery behavior | block-until-approval-or-timeout-abort |
| Observability | Approval log with actor, action, timestamp. |
| Inputs | Gate policy (enumerated consequential actions), Approval channel |
| Outputs | Executed work, Approval log |
| Risk level / maturity | low / established |
Failure modes
- Gates defined by vibes instead of enumeration
- Approval fatigue from over-gating trivial actions
- Agent reframing a gated action to slip the policy
Assessment
The governance layer's native loop. The design work is entirely in the policy: enumerate consequential actions concretely, or the gate becomes either a nag or a hole.