Docs / AI Pilot / Approval Cards and Safety Model

Approval Cards and Safety Model

Published · Last updated: May 2026 · 5 min read

Who this is for

All users who interact with AI Pilot, especially anyone who will approve or deny AI-proposed infrastructure actions.

What you will complete

Understand how approval cards work, the three impact levels, what each level means for your infrastructure, and how to respond safely.

Before you begin

  • AI Pilot must be enabled and Write Actions must be on under Settings → AI Agent → Agent Controls.
  • You need Owner or Admin role to approve write actions.

What is an approval card?

Every time AI Pilot proposes an action that will change your infrastructure, it pauses and presents an approval card before executing. The card shows:

  • What the AI intends to do — a plain-English description of the action
  • Which server or site it affects — the hostname or site name
  • Impact level — Safe, Caution, or Destructive
  • The exact command — an expandable section showing the underlying operation (optional to view)
  • Allow and Deny buttons — your final decision

The AI cannot proceed past an approval card without your explicit approval. If you close the page, the card remains pending and no action is taken.

The three impact levels

Safe (green)

Actions that are low-risk and easy to reverse.

Examples:

  • Viewing server metrics or logs
  • Reading environment variable names (not values)
  • Listing installed packages

What to check before approving: Confirm the server or site name matches what you intended.

Caution (amber)

Actions that modify configuration or trigger restarts. These are reversible but may cause a brief service interruption.

Examples:

  • Restarting a web service (nginx, apache)
  • Updating a firewall rule
  • Renewing an SSL certificate
  • Deploying a new site version
  • Creating a backup

What to check before approving:

  1. Confirm the correct server and site name.
  2. Check if this is a production server. If Production Protection is on, the card will not appear for production servers.
  3. Consider whether a brief downtime is acceptable right now.

Destructive (red)

Actions that permanently delete or overwrite data. These cannot be undone.

Examples:

  • Deleting a server
  • Deleting a site
  • Deleting a backup file
  • Dropping a database

What to check before approving:

  1. Read the action description carefully.
  2. The Allow button is disabled until you type the exact server or site name shown in the confirmation field.
  3. Confirm you have a recent backup before proceeding.
  4. If you have any doubt, click Deny.

Step-by-step: reviewing an approval card

  1. When AI Pilot proposes an action, an approval card appears inline in the chat.
  2. Read the action description at the top of the card.
  3. Check the impact badge (Safe, Caution, or Destructive) in the upper right of the card.
  4. If you want to see the exact operation, click View command to expand the command section.
  5. Confirm the server name and site name shown match your intended target.
  6. For Destructive actions:

a. Read the red confirmation prompt — it shows the name you must type. b. Type the exact server or site name in the text box. c. The Allow button activates only when the name matches exactly (case-insensitive).

  1. Click Allow to approve, or Deny to cancel.
  2. After approving, the card transitions to "Executing..." and then shows "Completed" or "Failed" with output.

What success looks like

  • The card changes from "Action Required" to "Completed" with a green checkmark.
  • The Activity Center shows the operation completing in real time.
  • The AI reports the result in the chat message following the card.

Common errors and fixes

"Allow button is greyed out on a Destructive action" Cause: You have not typed the confirmation name yet, or the text does not match exactly. Fix: Type the exact server or site name shown in the red prompt. Spelling and spacing must match. Case does not matter.

"I approved a Caution action and the service briefly went down" Cause: Expected behavior for service restarts or certificate renewals. The operation succeeded. Fix: No action needed. Monitor the Activity Center to confirm the service recovered.

"The approval card says 'Expired'" Cause: You did not respond to the card within the session timeout window. Fix: Ask AI Pilot to propose the action again. Type your original instruction again.

"I see 'Denied' on a card I did not click" Cause: Another admin in your organization denied the card from their session. Fix: Check the audit trail under Settings → Audit Log to see which user denied the action.

"The card shows a server name I do not recognize" Cause: The AI may have selected the wrong server from your fleet. Fix: Click Deny immediately. Rephrase your instruction with the explicit server name.

Safety notes

  • You cannot undo a Destructive action after clicking Allow. Always verify the target name.
  • Approval cards are session-specific. They do not carry over to other users' sessions except when another admin views the same card in a shared session.
  • If you navigate away from the page, pending cards remain pending. No action is taken until you approve.
  • Production Protection adds an extra layer: even if you ask the AI to act on a production server, write approval cards will not appear for those servers when the feature is enabled.

Related articles