When a policy evaluates an agent action and returnsDocumentation Index
Fetch the complete documentation index at: https://docs.runaegis.co/llms.txt
Use this file to discover all available pages before exploring further.
REQUIRE_APPROVAL, Aegis holds the action in a pending queue and waits for you to decide. The agent is paused, it cannot proceed until you approve or deny the request. This gives you a hard gate on sensitive operations without blocking routine work that passes policy checks automatically.
Which policies trigger approvals
Three built-in policies route actions to the approval queue rather than blocking them outright:Mandatory PR Flow
Mandatory PR Flow
Any agent action that creates or merges a pull request is held for review. This ensures a human verifies PR content, branch, target, and description, before the change is merged.
Sensitive Path Approval
Sensitive Path Approval
Write actions targeting files or directories marked as sensitive (configuration files, secrets paths, core library code) are paused for human sign-off before execution.
Blast Radius Gate
Blast Radius Gate
Actions with a blast radius rated High or Critical are automatically routed to the approval queue. Aegis evaluates the potential impact of the action and requires human confirmation before the agent proceeds.
How the approval workflow works
Agent triggers a policy
Your agent calls a GitHub MCP tool. Aegis evaluates the action against your active policies. If a policy returns
REQUIRE_APPROVAL, the action is paused immediately.Request appears in the dashboard
The pending request is added to the approvals queue. The dashboard header displays a count badge for all unresolved requests. The dashboard home page also shows up to 5 pending approvals in the sidebar panel.
You review the request
Open the Approvals page from the dashboard sidebar. Each card shows you what to check before deciding.
What each approval card shows you
Each pending request displays the following fields to help you make an informed decision:| Field | What it tells you |
|---|---|
| Tool name | The GitHub MCP tool the agent wants to call (e.g. create_pull_request, push_files) |
| Action summary | A plain-language description of what the agent is trying to do |
| Action pointers | Bullet points breaking down the specific changes or arguments |
| Repository / branch | The target repo and branch for the operation |
| PR URL | For pull-request tools, the last action pointer typically contains a direct link to the GitHub PR so you can review the diff before deciding |
| Timestamp | When the agent submitted the request |
Approving and denying
When you act on a request:- Approve, Aegis executes the held action and returns the tool result to the waiting agent. The agent’s session continues.
- Deny, Aegis sends an error back to the agent and discards the action. The agent can decide how to proceed.
Where to find approval requests
Dashboard home
The pending approvals panel on the dashboard home page shows your most recent 5 unresolved requests with inline approve and deny buttons.
Approvals page
The full approvals queue at Dashboard > Approvals shows all requests across all statuses. Use the filter tabs to view pending, approved, or rejected requests separately.
Both the dashboard home page and the Approvals page auto-refresh every 30 seconds. You do not need to reload the page to see new requests arrive.