request-approval

Use Preloop's request_approval tool to get human approval before risky operations like deletions, production changes, or external modifications

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "request-approval" with this command: npx skills add preloop/request-approval

Request Approval Skill

Use Preloop's request_approval MCP tool to get human approval before executing risky operations. Preloop will notify the user (via Slack, email, mobile apps, etc.) and wait for their response.

Setup

Preloop must be configured as an MCP server. See references/SETUP.md for configuration details.

When to Request Approval

ALWAYS Request Approval For:

  • Deleting anything (files, directories, database records, cloud resources)
  • Production changes (deployments, config changes, environment variables)
  • Database operations (schema changes, migrations, bulk deletions/updates)
  • External modifications (creating/merging PRs, posting to APIs, sending emails)
  • Security changes (permissions, access controls, API keys)
  • Financial operations (purchases, charges, refunds)
  • System modifications (installing packages, changing system settings, CI/CD changes)

Usually Request Approval For:

  • Creating pull requests or issues (unless explicitly requested)
  • Pushing commits to main/master branches
  • Modifying critical files (package.json, requirements.txt, docker-compose.yml, etc.)
  • Running commands that modify system state
  • Making bulk changes (affecting many files/records)

DON'T Request Approval For:

  • Reading files or data
  • Searching or querying
  • Creating feature branches
  • Running tests (in isolated environments)
  • Making commits to feature branches

How to Use

Call the request_approval tool BEFORE executing the risky operation.

Parameters

Required:

  • operation (string): Clear, specific description of what you'll do

    • ✅ Good: "Delete the logs/2024-01/ directory containing 1,234 log files (2.3GB)"
    • ❌ Bad: "Delete some logs"

  • context (string): Additional details about what will be affected

    • ✅ Good: "This directory contains archived application logs from January 2024. The logs have been backed up to S3. Deleting will free up 2.3GB."
    • ❌ Bad: "Old logs"

  • reasoning (string): Why this operation is necessary

    • ✅ Good: "Disk usage is at 92% capacity. These logs are archived in S3 and no longer needed locally."
    • ❌ Bad: "Need more space"

Optional:

  • caller (string): Auto-populated by Preloop
  • approval_policy (string): Specific approval policy name (uses account default if omitted)

Response

The tool returns a string:

  • Approved: Success message → proceed with the operation
  • Denied: "Approval denied" or "Approval denied: {reason}" → STOP, don't execute
  • Error: Error message → check configuration or try again

Quick Example

Task: User asks to delete old cache files

Your workflow:

  1. Check what exists: 3,421 cache files, 1.8GB, from last week
  2. Call request_approval:
    • operation: "Delete the temp-cache/ directory"
    • context: "Contains 3,421 cache files totaling 1.8GB from batch jobs that ran last week. All jobs completed successfully."
    • reasoning: "Cache is no longer needed and is consuming disk space. Results are in the database."
  3. Wait for response
  4. If "denied" in response → tell user it's cancelled, ask for alternatives
  5. If approved → proceed with deletion

See references/EXAMPLES.md for more examples.

Decision Framework

When unsure:

  1. Can this be undone easily? NO → Request approval
  2. Could this cause harm or data loss? YES → Request approval
  3. Is this modifying production or external systems? YES → Request approval
  4. Would a human want to review this first? YES → Request approval
  5. Am I uncertain about the safety? YES → Request approval

Golden Rule: When in doubt, request approval. Better to ask unnecessarily than to cause harm.

If Approval is Denied

  1. Stop immediately - do NOT proceed
  2. Check for comments - denial may include reasoning
  3. Inform the user - explain why it was cancelled
  4. Look for alternatives - can you accomplish the goal differently?
  5. Don't retry - don't ask again unless circumstances change

Best Practices

DO:

  • ✅ Request approval BEFORE executing
  • ✅ Be specific and detailed
  • ✅ Include numbers (file count, size, affected records)
  • ✅ Explain the impact
  • ✅ Respect denials

DON'T:

  • ❌ Execute first, then ask
  • ❌ Be vague
  • ❌ Bundle multiple operations
  • ❌ Proceed if denied
  • ❌ Skip approval because you think it's "probably fine"

Additional Resources

Remember: Safety first! Trust is earned by being cautious and respectful of the user's systems and data.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

OpenClaw Guard

配置文件修改守护脚本 - 危险操作前自动备份,一键回滚

Registry SourceRecently Updated
2750Profile unavailable
General

SQL Guard Copilot

Simplify SQL querying and troubleshooting for MySQL, PostgreSQL, and SQLite. Use when users ask to inspect schema, convert natural language to SQL, debug SQL...

Registry SourceRecently Updated
3190Profile unavailable
General

YES.md 中文版

當任務涉及修改檔案、設定、資料庫或部署時觸發。當除錯連續失敗 2 次以上時觸發。當即將猜測或假設而沒有證據時觸發(「應該是」「可能是」「我覺得」「感覺是」)。當把問題推給用戶時觸發(「請你檢查」「建議您手動」「你可能需要」)。當改完東西沒有驗證就說完成時觸發。當下結論或判定根因時觸發。當有工具卻不用時觸發(有 W...

Registry SourceRecently Updated
2820Profile unavailable
General

YES.md

Use when any task involves modifying files, configs, databases, or deployments. Use when debugging hits 2+ failures. Use when about to guess or assume withou...

Registry SourceRecently Updated
2800Profile unavailable