Specialist Skill

Three-Tier Approval Workflows — Automation With Human Oversight

Autonomous monitoring runs freely. Content drafts queue for approval. Client-facing actions require explicit confirmation. Three tiers that match automation to risk.

Get on GitHub

Approval Workflows: The Right Amount of Automation for Every Task

Some things should run automatically. A weekly ranking scan doesn’t need your permission — it just needs to run and report. Some things should wait for you. A GBP post shouldn’t go live until someone reads it. And some things need you to explicitly say “go” before anything happens. A client email shouldn’t send because a task fired — it should send because you confirmed the content, the recipient, and the timing.

The approval workflow system gives you three tiers that match automation level to risk level. Nothing runs without the right oversight for that type of action.

The Three Tiers

Tier 1: Autonomous

Runs, writes output, no human needed. The agent acts on its own authority.

Used for: Monitoring alerts, ranking reports, audit scans, competitor snapshots, prospect audits. These are observation tasks — they collect data and write findings. Nothing gets published, sent, or changed.

How it works:

Task executes → Output written to brief directory →
Brief session log updated → Optional notification sent

You get a Slack message: “Weekly scan complete for Keystone Buffalo — 1 new finding. See report.” That’s it. The scan ran, the data is in the file, the brief is current. Review it when you have time.

Tier 2: Queue for Approval

Runs, produces a draft, holds until a human approves. Nothing goes live until you say yes.

Used for: GBP posts, review responses, local page content, client-facing reports. These are content creation tasks — they produce something that will be visible to the public or to clients.

How it works:

Task runs → Draft created in drafts/ folder →
Approval request sent to Slack/email →
You reply APPROVE, REJECT, or EDIT [notes] →
Action proceeds or draft archives

The Slack message includes a preview of what was drafted and clear action buttons:

✍️ Approval Required — GBP Posts — Keystone Buffalo
4 posts drafted for April. Ready to schedule.
Preview: drafts/2026-04-01-gbp-posts.md

Reply APPROVE to publish | REJECT to discard | EDIT [notes] to revise
Expires: 2026-04-09

If you don’t respond within 48 hours, you get one reminder. At 72 hours, the draft auto-archives and gets flagged in the brief. Nothing expires silently.

Tier 3: Notify Before AND After

Highest stakes. The agent notifies before execution, waits for explicit go-ahead, executes, then confirms completion.

Used for: Client-facing emails, GBP or website publishing, third-party actions. These are actions with external visibility that are difficult to reverse.

How it works:

Task prepares content → PRE-approval notification sent →
You reply CONFIRM → Task executes →
POST-execution confirmation sent to you and client

The pre-approval notification shows exactly what will happen:

⚡ Action Pending Confirmation — Monthly Report Email
About to send April performance report to: contact@keystoneinsurance.com
Preview: reports/2026-04-01-monthly.md

Reply CONFIRM to send | CANCEL to abort

After you confirm and the email sends, both you and the client contact get confirmation with a timestamp and reference. Full audit trail.

Configuration Lives With the Client

Each client’s approval preferences are set in their brand brief:

approval:
  reviewer: agency
  reviewer_channel: slack
  reviewer_contact: #local-seo-alerts
  client_notify: true
  client_channel: email
  client_contact: contact@keystoneinsurance.com
  client_notify_format: summary
  approval_timeout_hours: 48
  timeout_action: archive

One client might want every GBP post reviewed before publishing. Another might trust your judgment and set posts to autonomous. A third might want the client CC’d on every approval request. The configuration is per-client, not global.

Single-user setup (freelancers, business owners):

approval:
  reviewer: self
  reviewer_channel: slack
  reviewer_contact: #my-alerts
  client_notify: false

Simple. Alerts come to your channel. No client notifications. You approve or reject directly.

Non-Negotiable Guardrails

Regardless of configuration, four actions always require explicit human approval:

  • Client GBP content publication — posts, photos, updates to live profiles
  • Emails to clients or third parties — nothing sends without confirmation
  • Website content publishing — no page goes live automatically
  • Any action that’s difficult to reverse — deletions, account changes, profile modifications

These can’t be overridden to autonomous. The system enforces the guardrail even if someone misconfigures the settings.

How Approval Workflows Connect to Tasks and Briefs

Every scheduled task has a default approval tier. Monitoring tasks default to autonomous. Content drafting tasks default to queue. Client communication tasks default to notify.

When a task runs, the approval workflow determines what happens to the output:

  • Autonomous: Output goes straight to the brief directory. Done.
  • Queue: Output goes to drafts/ and waits. The brief’s deliverables section shows it as pending.
  • Notify: Output goes to drafts/, a pre-notification fires, and nothing happens until confirmation arrives.

The brief always reflects current state. Pending approvals show in deliverables. Approved and executed work shows in the session log. Expired drafts get flagged.

Skill Documentation

For technical details on tier configuration, timeout behavior, notification formats, and platform implementation, see the full approval workflow documentation.

All 36 skills. Free. Open source. Get on GitHub →