Human-in-the-Loop Agents
The best production agents are not fully autonomous for every action. They know when to ask, pause, escalate, or require approval before acting.
When humans must be involved
Require human review for:
- spending money
- deleting data
- sending external messages
- changing permissions
- modifying production systems
- making legal/medical/financial decisions
- handling requests where the identity of the requester or counterparty is uncertain
- repeated tool failures
- low-confidence answers
Approval design
An approval request should include:
- action the agent wants to take
- reason
- inputs and sources
- expected impact
- risk level
- rollback plan
- approve/reject/edit options
Escalation levels
| Level | Example |
|---|---|
| notify | "I completed the low-risk task." |
| confirm | "Should I send this email?" |
| approve | "Approve this database update." |
| review | "Check my analysis before release." |
| handoff | "A human needs to take over." |
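One way to turn the trigger list and the escalation table into code is a small classifier that maps a proposed tool call to one of the five levels, with the strongest trigger winning. This is an added example, not code from the original page; the `ProposedAction` fields, the confidence and failure thresholds, and the specific mapping of each trigger to a level are assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Constructed example of how the agent might describe a tool call before
# executing it. The field names and defaults are assumptions for this example.
@dataclass
class ProposedAction:
    tool: str
    args: dict
    spends_money: bool = False
    deletes_data: bool = False
    sends_external_message: bool = False
    changes_permissions: bool = False
    touches_production: bool = False
    regulated_domain: bool = False      # legal / medical / financial decision
    identity_uncertain: bool = False    # requester or counterparty not verified
    consecutive_tool_failures: int = 0
    confidence: float = 1.0             # self-reported confidence in [0, 1]

LEVELS = ("notify", "confirm", "approve", "review", "handoff")

def escalation_level(action: ProposedAction,
                     min_confidence: float = 0.6,
                     max_failures: int = 3) -> str:
    """Map a proposed action to one of the escalation levels above.

    Checks run from strongest to weakest, so an action that trips several
    triggers lands on the most demanding level rather than the first one
    listed. Thresholds are assumptions for this example.
    """
    # handoff: the agent should stop and let a human take over entirely.
    if action.identity_uncertain or action.consecutive_tool_failures >= max_failures:
        return "handoff"
    # review: the agent's own output needs checking, not just the action.
    if action.regulated_domain or action.confidence < min_confidence:
        return "review"
    # approve: irreversible or high-impact changes need explicit sign-off.
    if (action.spends_money or action.deletes_data
            or action.changes_permissions or action.touches_production):
        return "approve"
    # confirm: reversible but outward-facing, so a quick yes/no is enough.
    if action.sends_external_message:
        return "confirm"
    # notify: low-risk, report after the fact.
    return "notify"

def requires_human(action: ProposedAction) -> bool:
    """True when the action must wait for a person before it runs."""
    return escalation_level(action) != "notify"
```

The classifier deliberately ignores the tool name: risk comes from what the call does (spend, delete, send, change access), so the agent's tool wrapper sets those flags from the call's arguments rather than trusting the model to self-classify.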
Avoid fake human-in-the-loop
Bad patterns:
- asking for approval after the action is already done
- hiding important context from the reviewer
- making approve the only easy option, so that reject or edit takes extra effort
- asking humans to review too many low-risk actions
- no audit log
Audit trail
Log:
- who approved
- what was approved
- exact arguments
- timestamp
- model and prompt version
- tool result
- rollback status
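The approval fields, the bad patterns, and the audit fields above fit together in one gate that sits between the agent and its tools. The example below is added here and is not code from the original page: an `ApprovalRequest` carries every field a reviewer needs, the gate refuses to invoke a tool unless a decision is bound to the exact request that was reviewed (so approval cannot come after the fact or be replayed against different arguments), and each decision writes one audit entry with the fields listed above. Class and field names, the `demo()` scenario, and the fake tool are assumptions for illustration.

```python
import hashlib
import json
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Any, Callable, Optional

@dataclass
class ApprovalRequest:
    """Everything the reviewer needs; nothing important is withheld."""
    action: str
    arguments: dict
    reason: str
    inputs_and_sources: list
    expected_impact: str
    risk_level: str
    rollback_plan: str
    options: tuple = ("approve", "reject", "edit")

    def request_id(self) -> str:
        # Bind the id to the exact action and arguments so a decision cannot be
        # reused for a call other than the one that was actually reviewed.
        payload = json.dumps({"action": self.action, "arguments": self.arguments}, sort_keys=True)
        return hashlib.sha256(payload.encode()).hexdigest()[:16]

    def render_for_reviewer(self) -> str:
        return "\n".join([
            f"[{self.risk_level.upper()}] {self.action} {json.dumps(self.arguments, sort_keys=True)}",
            f"reason:   {self.reason}",
            f"sources:  {', '.join(self.inputs_and_sources)}",
            f"impact:   {self.expected_impact}",
            f"rollback: {self.rollback_plan}",
            f"options:  {' / '.join(self.options)}   (request {self.request_id()})",
        ])

@dataclass
class Decision:
    request_id: str
    reviewer: str
    choice: str                            # approve / reject / edit
    edited_arguments: Optional[dict] = None

class ApprovalGate:
    """Runs a tool only after a decision exists for the reviewed request and
    records one audit entry per decision, written before the tool is called."""

    def __init__(self, model: str, prompt_version: str):
        self.model = model
        self.prompt_version = prompt_version
        self.audit_log: list[dict] = []

    def execute(self, req: ApprovalRequest, decision: Optional[Decision],
                tool: Callable[..., Any], rollback: Optional[Callable[..., Any]] = None) -> Any:
        # Approval comes first: no decision, or one for a different request,
        # means the tool is never invoked.
        if decision is None or decision.request_id != req.request_id():
            raise PermissionError("no decision bound to this exact request")
        if decision.choice not in req.options:
            raise ValueError(f"unknown decision {decision.choice!r}")
        args = dict(req.arguments)
        if decision.choice == "edit":
            if not decision.edited_arguments:
                raise ValueError("edit decision must carry edited arguments")
            args = dict(decision.edited_arguments)   # the reviewer's version is what runs
        entry = {
            "who_approved": decision.reviewer,
            "decision": decision.choice,
            "what": req.action,
            "exact_arguments": args,
            "timestamp": datetime.now(timezone.utc).isoformat(),
            "model": self.model,
            "prompt_version": self.prompt_version,
            "risk_level": req.risk_level,
            "tool_result": "not_executed",
            "rollback_status": "not_needed",
        }
        self.audit_log.append(entry)   # logged before the call; updated in place afterwards
        if decision.choice == "reject":
            return None
        try:
            entry["tool_result"] = tool(**args)
        except Exception as exc:
            entry["tool_result"] = f"error: {exc}"
            if rollback is None:
                entry["rollback_status"] = "no_rollback_available"
            else:
                try:
                    rollback(**args)
                    entry["rollback_status"] = "rolled_back"
                except Exception as rexc:
                    entry["rollback_status"] = f"rollback_failed: {rexc}"
            raise
        return entry["tool_result"]

def demo() -> list[dict]:
    """Constructed scenario: a customer-record update that needs approval."""
    gate = ApprovalGate(model="example-model-v1", prompt_version="prompt-2024-05-a")
    req = ApprovalRequest(
        action="update_customer_record",
        arguments={"customer_id": 4711, "field": "email", "value": "new@example.com"},
        reason="Customer asked to change their contact email (constructed ticket T-123)",
        inputs_and_sources=["ticket T-123", "crm.get_customer(4711)"],
        expected_impact="One row updated; future notifications go to the new address",
        risk_level="approve",
        rollback_plan="Restore the previous email value recorded in the audit entry",
    )
    def fake_update(customer_id, field, value):      # stand-in for the real tool
        return f"updated {field} for {customer_id}"
    try:
        gate.execute(req, None, fake_update)          # refused: nothing was approved
    except PermissionError:
        pass
    print(req.render_for_reviewer())
    gate.execute(req, Decision(req.request_id(), reviewer="alice", choice="approve"), fake_update)
    return gate.audit_log
```

The audit entry is appended before the tool runs and updated afterwards, so a call that hangs or crashes still leaves a record of who approved what. Binding the decision to a hash of the action and arguments is what prevents the "approval after the fact" pattern: the agent cannot execute first and attach a decision later, and a decision for one set of arguments cannot be replayed against another.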
Knowledge check
Q1: What makes an approval request useful?
It shows the action, reason, evidence, impact, risk, and rollback path.
Q2: Why is asking after the action a bad pattern?
Because it is not real approval; the risk already happened.