request-approval

Use Preloop's request_approval tool to get human approval before risky operations like deletions, production changes, or external modifications

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "request-approval" with this command: npx skills add preloop/request-approval

Request Approval Skill

Use Preloop's request_approval MCP tool to get human approval before executing risky operations. Preloop will notify the user (via Slack, email, mobile apps, etc.) and wait for their response.

Setup

Preloop must be configured as an MCP server. See references/SETUP.md for configuration details.

When to Request Approval

ALWAYS Request Approval For:

  • Deleting anything (files, directories, database records, cloud resources)
  • Production changes (deployments, config changes, environment variables)
  • Database operations (schema changes, migrations, bulk deletions/updates)
  • External modifications (creating/merging PRs, posting to APIs, sending emails)
  • Security changes (permissions, access controls, API keys)
  • Financial operations (purchases, charges, refunds)
  • System modifications (installing packages, changing system settings, CI/CD changes)

Usually Request Approval For:

  • Creating pull requests or issues (unless explicitly requested)
  • Pushing commits to main/master branches
  • Modifying critical files (package.json, requirements.txt, docker-compose.yml, etc.)
  • Running commands that modify system state
  • Making bulk changes (affecting many files/records)

DON'T Request Approval For:

  • Reading files or data
  • Searching or querying
  • Creating feature branches
  • Running tests (in isolated environments)
  • Making commits to feature branches

How to Use

Call the request_approval tool BEFORE executing the risky operation.

Parameters

Required:

  • operation (string): Clear, specific description of what you'll do

    • ✅ Good: "Delete the logs/2024-01/ directory containing 1,234 log files (2.3GB)"
    • ❌ Bad: "Delete some logs"

  • context (string): Additional details about what will be affected

    • ✅ Good: "This directory contains archived application logs from January 2024. The logs have been backed up to S3. Deleting will free up 2.3GB."
    • ❌ Bad: "Old logs"

  • reasoning (string): Why this operation is necessary

    • ✅ Good: "Disk usage is at 92% capacity. These logs are archived in S3 and no longer needed locally."
    • ❌ Bad: "Need more space"

Optional:

  • caller (string): Auto-populated by Preloop
  • approval_policy (string): Specific approval policy name (uses account default if omitted)

Response

The tool returns a string:

  • Approved: Success message → proceed with the operation
  • Denied: "Approval denied" or "Approval denied: {reason}" → STOP, don't execute
  • Error: Error message → check configuration or try again

Quick Example

Task: User asks to delete old cache files

Your workflow:

  1. Check what exists: 3,421 cache files, 1.8GB, from last week
  2. Call request_approval:
    • operation: "Delete the temp-cache/ directory"
    • context: "Contains 3,421 cache files totaling 1.8GB from batch jobs that ran last week. All jobs completed successfully."
    • reasoning: "Cache is no longer needed and is consuming disk space. Results are in the database."
  3. Wait for response
  4. If "denied" in response → tell user it's cancelled, ask for alternatives
  5. If approved → proceed with deletion

See references/EXAMPLES.md for more examples.

Decision Framework

When unsure:

  1. Can this be undone easily? NO → Request approval
  2. Could this cause harm or data loss? YES → Request approval
  3. Is this modifying production or external systems? YES → Request approval
  4. Would a human want to review this first? YES → Request approval
  5. Am I uncertain about the safety? YES → Request approval

Golden Rule: When in doubt, request approval. Better to ask unnecessarily than to cause harm.

If Approval is Denied

  1. Stop immediately - do NOT proceed
  2. Check for comments - denial may include reasoning
  3. Inform the user - explain why it was cancelled
  4. Look for alternatives - can you accomplish the goal differently?
  5. Don't retry - don't ask again unless circumstances change

Best Practices

DO:

  • ✅ Request approval BEFORE executing
  • ✅ Be specific and detailed
  • ✅ Include numbers (file count, size, affected records)
  • ✅ Explain the impact
  • ✅ Respect denials

DON'T:

  • ❌ Execute first, then ask
  • ❌ Be vague
  • ❌ Bundle multiple operations
  • ❌ Proceed if denied
  • ❌ Skip approval because you think it's "probably fine"

Additional Resources

Remember: Safety first! Trust is earned by being cautious and respectful of the user's systems and data.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

SQL Guard Copilot

Simplify SQL querying and troubleshooting for MySQL, PostgreSQL, and SQLite. Use when users ask to inspect schema, convert natural language to SQL, debug SQL...

Registry SourceRecently Updated
081
Profile unavailable
General

OpenClaw 沙盒测试系统

OpenClaw 沙盒测试系统 v2.0 - 零风险配置变更测试,9 层防护 +5 原则,自动备份回滚,Git 版本管理

Registry SourceRecently Updated
0145
Profile unavailable
General

OpenClaw Sacred Rules

Provides essential safety rules and tools for managing OpenClaw configs, backups, auth troubleshooting, and recovery to prevent system failures.

Registry SourceRecently Updated
0239
Profile unavailable