AgentForge guide

Approvals

Pick the next obvious step: describe the project, connect AI, review the run, then publish only with approval.

Approvals

Human gates

Approvals are decision records, not decorative prompts. Decision buttons require the secure-core approval mutation endpoint before they can change state.

Refresh

Approvals API: permission required
Secrets API: permission required
Decision endpoint: POST/api/approvals/:approvalId/decision
Raw secrets: never requested

Approval queue

Only persisted approval records can be approved, rejected, or changed. This worktree does not fake those transitions.

API unavailable in this worktree

HTTP 401

GET /api/approvals requires permission before this UI can load it.

GET/api/approvalsF2 secure corePhase 2

Secret grant posture

API unavailable in this worktree

HTTP 401

GET /api/secrets requires permission before this UI can load it.

GET/api/secretsF2 secure corePhase 2

Human approval gate

risk: medium

Deploys, destructive migrations, secret access, and self-improvement changes must be represented by approval records before any UI decision control can become active.