External Comms Approval Policy Template
Require human approval before AI agents can trigger external communications like emails, Slack messages, API calls to third-party services, or any action that leaves your system boundary. The agent's request is held in a pending state until a human reviewer approves or rejects it — ensuring no unvetted content reaches customers, partners, or external systems.
What this prevents
A sales outreach agent was configured to draft and send follow-up emails to prospects. A prompt injection in a prospect's LinkedIn bio caused the agent to compose an email containing confidential pricing information and competitive positioning that was never meant for external sharing. The agent sent 45 emails before the team noticed. With an external communications approval policy, every outgoing email would have been held for human review — the malicious draft would have been caught and rejected.
Policy template
Copy this into your govyn.yaml and adjust the values to match your requirements.
```yaml
agents:
  outreach_agent:
    approval:
      require_for:
        - tool_call: send_email
        - tool_call: post_to_slack
        - tool_call: create_ticket
        - content_contains: ["Dear ", "Hi ", "Subject:"]
      approvers:
        - team: customer-success
        - email: lead@govynai.com
      timeout: 3600s
      on_timeout: reject
    budget:
      daily: $5.00
    logging:
      replay: true
      log_approvals: true
```
How it works
Agent generates an external communication
The AI agent decides to send an email, post a message, or call an external API as part of its workflow. It makes the tool call through the LLM provider.
Govyn detects the approval trigger
Govyn inspects the response for tool calls or content patterns that match the approval rules. Matching tool calls (send_email, post_to_slack) or content patterns trigger the approval gate.
Request is held pending approval
The request is placed in a pending queue and a notification is sent to the configured approvers. The agent receives a 'pending approval' status and can continue other work.
Human reviews and approves/rejects
An approver reviews the full content of the communication in the Govyn dashboard or via the notification link. They can approve, reject, or edit before sending.
Timeout safety net
If no approver responds within the configured timeout (e.g. 1 hour), the request is automatically rejected — ensuring stale communications are never sent.
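The hold, decide and timeout flow described above can be modelled in a few lines. This is an added example, not Govyn's code: the rule values are copied from the template, while the `Gate` and `Pending` classes, their method names and the injected clock are hypothetical.

```python
import time
from dataclasses import dataclass

# Hypothetical in-memory model of the gate; rule values mirror the template.
RULES = {
    "tool_calls": {"send_email", "post_to_slack", "create_ticket"},
    "content_contains": ["Dear ", "Hi ", "Subject:"],
    "timeout_s": 3600,
    "on_timeout": "reject",
}

@dataclass
class Pending:
    tool: str
    content: str
    created: float
    status: str = "pending"  # pending -> approved | rejected

def needs_approval(tool, content, rules=RULES):
    """True if the tool call or the content matches a require_for rule."""
    return tool in rules["tool_calls"] or any(p in content for p in rules["content_contains"])

class Gate:
    def __init__(self, rules=RULES, clock=time.time):
        self.rules, self.clock, self.queue, self.audit = rules, clock, [], []

    def submit(self, tool, content):
        """Hold matching actions in the queue; let everything else through."""
        if not needs_approval(tool, content, self.rules):
            return "allowed"
        self.queue.append(Pending(tool, content, self.clock()))
        return "pending"

    def expire(self):
        """Apply on_timeout to every item that has waited timeout_s or longer."""
        for item in self.queue:
            if item.status == "pending" and self.clock() - item.created >= self.rules["timeout_s"]:
                item.status = "approved" if self.rules["on_timeout"] == "approve" else "rejected"
                self.audit.append(("timeout", item.tool, item.status))

    def decide(self, item, approver, approve):
        """Record a human decision; a late approval cannot revive an expired item."""
        self.expire()
        if item.status == "pending":
            item.status = "approved" if approve else "rejected"
            self.audit.append((approver, item.tool, item.status))
        return item.status
```

In this model, switching `on_timeout` to `approve` releases held items unreviewed once the timeout passes, which is the fail-open behaviour the template's `reject` setting avoids.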
Configuration options
| Option | Description | Example |
|---|---|---|
| approval.require_for | Tool calls or content patterns that trigger approval | tool_call: send_email |
| approval.approvers | Teams or individuals who can approve requests | team: customer-success |
| approval.timeout | Max time to wait for approval before auto-action | 3600s |
| approval.on_timeout | Action when approval times out: reject or approve | reject |
| logging.log_approvals | Log approval decisions for audit trail | true |
Add this policy to your config
Start Govyn with this policy in under 5 minutes. No code changes needed.