The Approval Problem: Why Your AI Team Is Waiting on You

Here's a pattern I see constantly with founders running AI agent teams: they start with the agents locked down tight. Every action requires sign-off. Every output gets reviewed before it ships. It feels responsible.

Six weeks later, they're spending four hours a day approving things. The agents are queued. The work isn't moving. The bottleneck isn't the AI — it's the human.

So they swing the other way. More autonomy. Less review. The agents run. Work ships. Then one agent posts something to the wrong Slack channel, or commits a migration that drops a column, or sends a customer email with a placeholder still in it. And now the founder is back to locking everything down.

This cycle has a name. I call it the approval pendulum. And the solution isn't finding the right point in the middle — it's building a tiered system.

Why "human in the loop" is too coarse

The phrase "human in the loop" implies a binary: either you're watching, or you're not. But real operational decisions don't work like that. Some actions your agents take are trivially reversible — draft a doc, run a search, generate a report. Others are hard to walk back — send an email, merge to main, charge a card, delete a record.

Treating these the same way is the mistake. If you require approval for everything, you get the bottleneck problem. If you require it for nothing, you get the blow-up problem. The goal is to match the approval requirement to the actual risk of the action.

This is what experienced engineering managers do automatically with human teams. A junior engineer gets code reviewed before merge. A senior engineer can push to a feature branch without review. Nobody ships a database migration without a second pair of eyes. The rules are contextual, not universal.

Your AI team needs the same thing.

The three questions that set the threshold

For any action an agent might take, three questions determine whether it needs human approval:

1. Is it reversible? Can you undo this in under five minutes without data loss? If yes, the approval bar is low. Drafts, searches, analyses, internal documents — these can run freely. If no — emails sent, rows deleted, money moved, code deployed — they need a gate.

2. What's the blast radius? Does this affect one record, or thousands? One person, or your entire customer list? Small blast radius means you can let it run and course-correct if needed. Large blast radius means the cost of a mistake is too high to find out after the fact.

3. Has this class of action worked before? New task types start with higher oversight. As an agent demonstrates reliability on a type of work, the threshold drops. Trust is earned incrementally, same as with a human hire.

These three questions give you a matrix, not a dial. You're not asking "how much do I trust this agent overall" — you're asking "for this specific action, given what I know, is the risk acceptable without a checkpoint?"

What this looks like in practice

A founder running a content operation might have their agent post directly to a staging environment without approval, but require a human sign-off before anything goes to production. Another founder running customer support might let agents handle tier-1 responses autonomously, but escalate anything involving a refund or account change.

The specifics differ. The structure is the same: clear categories, clear thresholds, clear escalation paths.

The problem is that most founders haven't written these rules down anywhere. They exist in the founder's head as vibes. The agent doesn't know them. Every session, the founder re-adjudicates the same decisions from scratch. That's the real bottleneck — not the approval itself, but the lack of a system that can handle it without you.

The visibility requirement

Tiered approval only works if you can see what's in each tier. You need a queue of pending decisions so nothing waits silently. You need a log of what ran autonomously so you can audit it later. You need to know when an agent escalated something and why.

Without that visibility layer, you're not running tiered approval — you're just hoping your agents guessed right. And hope is not an operational strategy.

The identity layer for a human-AI team has to make approvals a first-class concept. Not an afterthought. Not a Slack message the agent sends when it's confused. A structured gate with context, a clear action, and a record of what happened either way.

That's what separates founders who scale their AI teams from founders who stay stuck on the pendulum.

---

If you're running an AI team and need agent visibility, review records, and per-agent attribution across your stack — Cockpit is the accountability layer built for this. We're in early access.