Governed AI Agent Execution with Human-in-the-Loop Tool Verification
Author: rng
Apart Research Technical AI Governance Challenge
February 2026
AI systems are evolving from text generators to autonomous agents that execute real-world actions.
Current governance stops at model OUTPUT. We need governance at ACTION EXECUTION.
Sensitive data processed locally before cloud inference. PII never leaves your infrastructure.
Multi-factor authentication for tool execution. Duo Mobile, webhooks, and manual approval.
8 providers, one interface. Same governance rules apply everywhere.
Only sanitized context reaches cloud providers
HIPAA, GDPR, SOX compatible
We treat AI agent actions with the same rigor as financial transactions. MFA for AI.
| Risk Level | Default Mode | Override | Audit | Example |
|---|---|---|---|---|
| Low | Auto | Yes | Optional | Read public API |
| Medium | Manual | Yes | Recommended | Send notification |
| High | Duo / Webhook | Admin only | Required | Database write |
| Critical | Duo + Webhook | No | Required + Alert | Financial transaction |
Critical operations require BOTH Duo approval AND webhook confirmation from compliance systems.
Every approval decision is logged with timestamp, approver, and context for compliance.
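The risk table above, written out as a pre-execution gate. This is an added example, not code from the project: the names `POLICY`, `authorize` and `AUDIT_LOG`, the channel names, the reading of "Override" as a request to bypass approval, and the choice to deny unknown risk levels are all assumptions.

```python
from datetime import datetime, timezone

# Tier -> (approval alternatives, who may override, audit rule), from the table.
# Each alternative is a set of channels that must ALL approve; satisfying any
# one alternative satisfies the tier. An empty set means auto-approve.
POLICY = {
    "low":      ([set()],                "any",   "optional"),
    "medium":   ([{"manual"}],           "any",   "recommended"),
    "high":     ([{"duo"}, {"webhook"}], "admin", "required"),
    "critical": ([{"duo", "webhook"}],   "none",  "required+alert"),
}

AUDIT_LOG = []  # in-memory stand-in for the real audit sink (assumption)


def authorize(tool, risk, approvals, override_role=None, context=""):
    """Decide, before execution, whether a tool call may run.

    approvals maps channel -> approver identity for channels that approved.
    override_role is "user" or "admin" when someone asks to bypass approval
    (assumed meaning of the table's Override column).
    """
    entry = POLICY.get(risk)
    if entry is None:
        # Fail closed: an unclassified action is never executed.
        allowed, reason, audit = False, "unknown risk level", "required"
    else:
        alternatives, override, audit = entry
        granted = set(approvals)
        may_override = override == "any" or (
            override == "admin" and override_role == "admin")
        if any(alt <= granted for alt in alternatives):
            allowed, reason = True, "approved"
        elif override_role and may_override:
            allowed, reason = True, f"override by {override_role}"
        else:
            allowed, reason = False, "missing approval"
    # Every decision is recorded with timestamp, approver and context.
    AUDIT_LOG.append({
        "time": datetime.now(timezone.utc).isoformat(),
        "tool": tool, "risk": risk, "allowed": allowed, "reason": reason,
        "approvers": dict(approvals), "context": context,
        "alert": audit.endswith("alert"),
    })
    return allowed
```

Denied calls are logged as well as approved ones, so the audit trail also shows what the gate stopped.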
Trade Execution Agent: No trade without dual approval
Clinical Decision Support: AI assists, never prescribes
Contract Analysis: Attorney-client privilege preserved
Process Automation: Human oversight on all changes
| Property | How We Address It |
|---|---|
| Verification | Every tool call verified before execution |
| Auditability | Complete OpenTelemetry traces |
| Compliance | SOC 2, SOX, HIPAA-compatible logging |
| Reversibility | Deny actions BEFORE they happen |
| Accountability | Clear approval chain (who approved what) |
| Proportionality | Risk-based escalation, not all-or-nothing |
As AI systems gain agency, governance must shift from controlling OUTPUTS to controlling ACTIONS.
Two-stage pipeline keeps sensitive data local
Human approval before high-stakes actions
Complete trace of every decision
Treating AI agent actions with the same rigor as financial transactions is not just possible, it's practical.