Use cases
Authority gates for the places AI agents can hurt you.
Permission Protocol adds explicit approval, consequence-aware policy, and signed receipts to AI-authored production changes, GitHub PRs, and sensitive agent tool calls.
AI agent deploy gate
Deploy gate for AI-authored production changes
Add a deploy gate for AI-authored PRs. Block risky production changes until a named human signs the exact repo, PR, commit, policy, and action.
Example
A coding agent opens a PR that updates a deploy workflow, changes a migration under db/migrations, and removes a rollback step. CI is green, but the production consequence is larger than the code diff looks.
GitHub AI code review governance
Approval routing for AI-generated GitHub PRs
Route AI-generated GitHub PRs through consequence analysis, approval gates, and signed receipts before risky code reaches production.
Example
An AI agent opens a polished PR that changes an auth callback, updates a deploy workflow, and includes a confident summary. Reviewers can read the code, but the merge still needs explicit authority because the consequence is production-impacting.
MCP tool call authorization
Approval gates for MCP tools and agent actions
Put approval gates around MCP tools and agent actions. Require authority receipts before agents call sensitive tools, write data, deploy code, or spend money.
Example
An agent has an MCP tool that can update Stripe, delete rows, or message customers. The same server also exposes harmless read-only methods, so a broad allowlist cannot distinguish inspection from production mutation.
Data Mutation Gate
Data mutation gate for AI agents
Require signed authorization before AI agents delete, update, or mutate production data, backups, volumes, and provider resources.
Example
An agent has a provider token that can delete a production database, backup, or volume. The change does not require a PR, so the gate must sit before the provider API call.