Approvals are the point. If an agent can make a risky production change with no human checkpoint, you do not have a trust layer.

Current approval paths

  1. Hosted API approval
  2. GitHub comment approval capture

What is true today

  • risky plans can require approval before apply
  • agents cannot self-approve without approval permission
  • approval changes the plan’s next action
  • approval and apply show up in the audit trail

When approval usually matters

  • production-facing env var changes
  • shared secret rotation
  • coordinated multi-provider changes
  • anything with deployAfter: true on meaningful targets

GitHub path in one glance

  1. create an approval-gated plan with requestChannel: "github-comment"
  2. include repo + issue or PR context
  3. provide an approver allowlist
  4. Keycli posts the summary comment
  5. an allowed human comments /keycli approve <plan-id>
  6. Keycli verifies the context and approves the plan
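
The checks in steps 5 and 6, sketched as an added example; this is not Keycli's own code. Only `requestChannel: "github-comment"` and the `/keycli approve <plan-id>` command come from this page. The other field names, the `pending_approval` status value, the plan-id character set and the sample data are assumptions.

```javascript
// Added example, not Keycli's code. Field names other than requestChannel,
// the status value and the plan-id charset are assumptions for illustration.

// The whole comment must be the command, nothing before or after it.
const APPROVE_RE = /^\/keycli approve ([A-Za-z0-9_-]+)$/;

const deny = (reason) => ({ approved: false, reason });

function evaluateApprovalComment(plan, comment) {
  if (plan.requestChannel !== "github-comment") return deny("wrong channel");
  if (plan.status !== "pending_approval") return deny("plan not awaiting approval");

  // Context: the comment must sit on the repo and issue/PR bound to the plan,
  // so a command pasted into another thread cannot approve it.
  if (comment.repo.toLowerCase() !== plan.repo.toLowerCase() ||
      comment.issueNumber !== plan.issueNumber) return deny("context mismatch");

  const match = APPROVE_RE.exec(comment.body.trim());
  if (!match) return deny("not an approve command");
  if (match[1] !== plan.id) return deny("plan id mismatch");

  // Approver must be a human account on the allowlist. authorType is assumed
  // to mirror the account type GitHub reports ("User" vs "Bot").
  // GitHub logins are case-insensitive, so compare lowercased.
  if (comment.authorType !== "User") return deny("author is not a human account");
  const allow = new Set(plan.approvers.map((login) => login.toLowerCase()));
  if (!allow.has(comment.author.toLowerCase())) return deny("author not allowlisted");

  return { approved: true, reason: "approved by " + comment.author };
}

// Constructed sample plan and comments (not real data).
const samplePlan = {
  id: "plan_123", requestChannel: "github-comment", status: "pending_approval",
  repo: "example-org/example-repo", issueNumber: 42, approvers: ["alice", "bob"],
};
const onThread = { repo: "example-org/example-repo", issueNumber: 42, authorType: "User" };
const samples = [
  { ...onThread, author: "Alice", body: "/keycli approve plan_123\n" },
  { ...onThread, author: "mallory", body: "/keycli approve plan_123" },
  { ...onThread, author: "bob", body: "/keycli approve plan_999" },
  { ...onThread, issueNumber: 7, author: "bob", body: "/keycli approve plan_123" },
  { ...onThread, authorType: "Bot", author: "alice", body: "/keycli approve plan_123" },
];
for (const c of samples) console.log(c.author, evaluateApprovalComment(samplePlan, c));
```

Only the first sample comment approves the plan; each of the others fails on a different check, and the returned reason is what an audit trail entry would record.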

What GitHub approval is not yet

  • full GitHub App workflow automation
  • broad repo-membership inference
  • deep retry and reconciliation machinery

Best first learning loop

  1. low-risk preview change
  2. high-risk approval-gated change
  3. inspect the audit trail