Pattern
Approval Gate
Side-effecting actions require explicit human approval before execution; non-side-effecting actions don't.
When to use
When the agent has access to actions that cost money, modify external state, or send messages. Define the policy at design time, not after legal complains. Approval should be cheap for routine cases and require deliberation for risky ones.
When not to use
For read-only operations. Approval-everything systems get reviewer fatigue and produce rubber-stamps.