Documentation
Approval gates
Monroe never sends, modifies, or commits anything externally-visible without explicit human approval. Period. The default approval rules:
| Action | Approval required? |
|---|
|---|---|
| Read a Slack thread | No (read-only) |
|---|---|
| Summarize what it read | No |
| Draft a reply | No (just a draft) |
| Send a Slack message publicly | Yes |
| Send a DM to a teammate | Configurable (default: no) |
| Read a Drive doc | No |
| Write to a Drive doc | Yes |
| Comment on a GitHub PR | Yes |
| Merge a PR | Yes |
| Update a CRM record | Yes |
| Execute a Stripe action | Yes (always) |
| Schedule a meeting | Yes |
| Save a draft email | No (it's just a draft) |
| Send an email | Yes |
When Monroe needs approval, you see an interactive message in the channel (or DM) with two buttons: Approve or Deny. Click Approve, Monroe executes. Click Deny (with optional reason), Monroe doesn't.
Customizing rules
Workspace admins choose an approval mode in Settings → Approvals: recommended (the table above), strict (every write requires approval, including DMs and email drafts), or manual (every action — read or write — requires approval; useful for compliance pilots).
Per-action overrides ("auto-approve internal Slack posts," "always require approval on emails to customers," "multi-approver gate above $50k on Stripe actions") are on the public roadmap for the next release. Enterprise contracts can have these wired server-side today — email enterprise@getmonroe.com.
The audit trail
Every approval decision (who, when, what, outcome) is in the run log. The dedicated audit log page describes what's live today vs. on the roadmap (in-dashboard browser + S3/Splunk/syslog exports).