You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add human-in-the-loop approval for destructive tool calls
- Introduce ApprovalRequest dataclass and ApprovalHandler callback type
- In prompt permission mode, pause the run with status
"pending_approval" when no handler is configured, recording the
approval request in result metadata for resume
- Add --hitl-approval CLI flag that prompts y/N on stderr for each
unapproved destructive call
- TUI always attaches an approval handler that prompts inline and
records the approved call_id for the session
- Emit tool_call_pending_approval, tool_call_approved, tool_call_denied,
and run_paused audit events through the lifecycle
- Track pending_approval status in RunStore heartbeat and summarize
Copy file name to clipboardExpand all lines: docs/cli.md
+10-1Lines changed: 10 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -384,6 +384,14 @@ teaagent agent run gpt "Create a TODO.md summary" --approve-call-id write-todo-1
384
384
385
385
The model decision must use the approved `call_id` for that exact destructive tool call. Other destructive calls remain blocked.
386
386
387
+
For interactive HITL approval during a CLI run, use:
388
+
389
+
```bash
390
+
teaagent agent run gpt "Create a TODO.md summary" --hitl-approval
391
+
```
392
+
393
+
Without `--hitl-approval`, an unapproved destructive tool in `prompt` mode returns `pending_approval` with the required `call_id`. Re-run with `--approve-call-id <call_id>` or use `agent resume` with the same approval token.
0 commit comments