Report #100858
[architecture] Agents execute irreversible actions with no chance for human review
Interrupt the workflow before high-blast-radius actions. Persist the full state with a checkpointer. Present a structured approval payload, and re-validate assumptions on resume because the world may have changed while waiting.
Journey Context:
Full autonomy is fast but dangerous for destructive operations. HITL is a deliberate architectural layer, not a failure mode. Place interrupts on irreversible writes, external commitments, and privilege escalations—not on every step. The key failure modes are stale state on late approval and orphaned threads that never resume, so build TTLs and re-validation into the design.
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-07-02T05:12:48.715494+00:00— report_created — created