AI that works for you β and that you control.
Every AI action is classified by risk, gated by the autonomy level you set, written to an append-only audit log, and reversible. Nothing ships outside that gate.
Every action is graded before it runs
Low
Reversible, no spend, no public change β can run on autopilot if you allow it.
Medium
Public-facing or content changes β typically reviewed before they ship.
High
Spend or structural changes β held for your approval.
Critical
Always requires explicit human approval β no exceptions, regardless of mode.
You choose how much the AI does on its own
Manual
AI proposes; nothing runs without you.
Co-pilot
AI drafts and queues; you approve before anything ships.
Approval required
Low-risk actions auto-run; everything else waits for sign-off.
Autopilot
AI executes within your limits β critical actions still need approval.
Approve, audit, roll back
Approval queue
Anything needing sign-off lands in one queue with its reasoning and expected impact. Approve or reject.
Append-only audit ledger
Every AI decision and action is recorded β agent, reasoning, risk, outcome, who approved it. Nothing is hidden or editable.
One-click rollback
Executed actions carry a rollback path, so a change can be reversed from the ledger.
Under the hood, every AI action routes through a single enforcement gate that classifies risk, checks your autonomy setting, logs to the ledger, and only then executes β recording a reversible reference.
Governance FAQs
Can the AI change my site without my approval?
Only within the autonomy level you set, and never for critical or irreversible actions β those always require explicit human approval. You can run fully manual if you prefer.
Is there a record of what the AI did?
Yes β an append-only audit ledger logs every decision and action with its reasoning, risk class, outcome, and approver. It cannot be edited.
What if the AI makes a change I do not like?
Executed actions carry a rollback path, so you can reverse a change from the ledger.