Audit an AI workflow for evals, monitoring, and approval points

Decide where the machine stops and the operator steps in.

Source: docs/positioning.md

Input

Workflow description, tool permissions, model/provider choices, risk points, and expected operator handoff.

Decision

Name the automation boundary, approval point, evidence standard, rollback path, and escalation rule.

Evidence

Control gaps, eval/oracle plan, receipt expectations, least-privilege boundary, rollback path, and escalation rule.

Failure handling

If controls are undefined, keep the workflow in implementation substrate rather than client-facing packaging.

What to verify

• The input exists in live evidence.
• The decision has an oracle.
• The evidence path is captured before closeout.