Appearance
Agents: approvals & human control
Agents are powerful, so humans stay in control of risky actions and spend.
Capabilities
Tool approvals
Risky mutations pause the run in a "waiting for approval" state and surface an approval card until a human approves or rejects.
Default auto-approved tools
A curated set of low-risk tools (reads, many VM and browser operations) is auto-approved by default. Higher-risk actions — merging a PR, deleting a task, running external tools that write — require approval.
User auto-approval rules
Users can create rules to auto-approve a specific tool for an agent within a room, avoiding repeated prompts for trusted actions.
Role prompt proposals
Agents can propose additions to their own role prompt in conversation; humans accept or reject. See Memory & learning.
Agent spend limits & blocking
Per-agent USD limits (and the org limit) block a thread when exceeded, entering a "blocked by limit" state. See Usage, limits & billing.