Hyphen

Safety and Approvals

This document outlines the safety features and approval processes built into Agent to ensure secure and reviewable operations.

Agent is designed to make operational work reviewable. Actions that create, delete, or change resources, or that propose changes, use confirmations, permissions, and audit-friendly output.

Structured Input Requests

Agent uses structured input requests when it needs approval or missing information. Depending on the request, you may see:

  • A yes/no confirmation.
  • A free-text response.
  • A choice from available options.
  • A choice with additional text.

In Slack, input requests render as buttons or modals. Slack input requests are scoped to the requester who started the Agent turn.

Reviewable Code Changes

When Agent changes code or repository configuration, it proposes the change through a pull request. The pull request can include the context that led to the change, such as a log analysis finding or stale feature flag detection.

Review, test, and merge pull requests using your normal repository workflow.

Resource Clarification

If a prompt names a resource that matches multiple projects, apps, environments, links, feature flags, or other resources, Agent asks you to choose the intended resource.

Agent uses attached chat context first. Remove context badges before sending a message if you do not want Agent to use the current project, app, or environment as the scope.

Permissions and Access

Agent follows the same access rules as the Hyphen App. If you cannot view or mutate a resource directly, Agent should not perform that action for you.

Some capabilities also depend on external integration permissions, such as GitHub repository access or New Relic data access.

Memory Safety

Agent only updates member memory when you explicitly ask it to remember, update, forget, or clear a durable preference or fact.

Do not store secrets in member memory. Keep credentials, tokens, private keys, and other sensitive values in the appropriate secret management system.

Capability-Specific Guardrails

  • Stale feature flag cleanup excludes perpetual feature flags.
  • Repository changes are proposed through pull requests.
  • Mutating project, link, QR code, and cleanup actions require confirmation.
  • Log analysis issue automation is additive when matching existing issues; it comments rather than rewriting existing issue bodies.
  • Slack actions require a resolved Hyphen member and organization.