Trinity

Status: implemented Version: latest Review: source-backed Last scanned: 2026-06-25T00:00:00Z Review required: false

Approvals

Human-in-the-loop gates for outreach, purchase, refund, and high-risk actions.

Approval model

ApprovalRequest and ApprovalEvent records bind sensitive actions to an actor, amount, provider, operation, risk class, payload summary, project/run context, and idempotency key.

Request class	Typical source	Required decision
Gmail send or reply	Hermes action intent or operator draft	Approve, deny, or edit before send
Agent spend/provisioning	Hermes action intent or future Stripe skill	Approve exact provider, amount, and purpose
High-risk copy	NVIDIA safety review or policy match	Approve edited copy or block
Artifact release	Generated deliverable or document export	Approve release/download/share path
Skill promotion	Hermes-created skill candidate	Approve project/account/global promotion

Approval screens are permission-gated and every decision is audit-linked. A denied approval still creates useful proof: it shows that an agent proposed an action, policy held the line, and a human made the final call.

Authority separation

Hermes can propose. Phoenix stores. NVIDIA can review. ToolRouter can execute. A human with the right role approves high-risk actions. That separation is the core safety architecture.

Official references

System	Use in Trinity	Official docs
Hermes	Hosted agent runtime and skills context	Hermes Agent docs
Jido	Narrow policy/firewall action seam	Jido Actions and Workflows
NVIDIA	Nemotron scoring, safety, and QA decisions	NIM LLM API reference
Stripe	Checkout, webhooks, revenue proof, guarded spend	Checkout Sessions API
Gmail	Drafts, sends, aliases, scopes, inbound replies	Gmail API scopes
Phoenix/Oban/Postgres	Control plane, durable jobs, source-of-truth data	Phoenix LiveView

Source paths

lib/autonomous_agency/approvals.ex
lib/autonomous_agency_web/live/approval_live

Was this page useful? Source-backed feedback keeps public docs honest.