Private Beta — Contact us to get set up.
Risk classification
Tools are classified by risk level:| Class | Description | Examples |
|---|---|---|
| L0 | Read-only | list_users, get_document, search_tickets |
| L1 | Write | create_ticket, update_record, send_email |
| L2 | Destructive | delete_user, revoke_access, close_account |
| L3 | Data export | export_customers, download_report, bulk_extract |
The approval flow
When a user calls a tool that requires approval: The user gets immediate feedback that their request is pending. They can continue other work while waiting. When the approver acts, the result flows back.Who approves
Approvers are determined by configuration: Manager chain routes to the user’s manager (pulled from your IDP). Managers approve for their reports. Role-based routing sends to users with specific roles. Anapprover role, a security-reviewer role, whatever fits your org structure.
Tool-specific approvers can be set per-tool. The database admin approves database operations; the security team approves access revocations.
Escalation handles timeouts. If the primary approver doesn’t respond within a window, the request escalates to the next level.
Timeout behavior
Requests don’t wait forever. You configure what happens when approval times out:- Deny — Request expires, user notified, must resubmit
- Escalate — Route to next approver in chain
- Allow — Auto-approve after timeout (rarely appropriate for L2+)