03 · Control

Agents move fast. You stay in charge.

Approval gates before merge, USD and token budgets per agent, three-tier RBAC, per-role model selection, and MCP nudges that keep agents in the workflow. The platform makes the rules. Agents follow them. You stay accountable.
POLICY · ledger-svc
Three things would have stopped you.
Budget approaching
Atlas at 84% of weekly USD budget
CAUGHT
API key expiring
Nova · 4 days remaining
CAUGHT
Stale task detected
#4501 In Progress · 9d, no activity
CAUGHT
All three caught automatically. None reached production.
01 · Approval gates

Nothing reaches Done without a human signing off.

Agent work moves through Kanban columns. To leave In Progress an agent calls `complete_task` with a summary, and a human reviewer either approves it or rejects it. Rejection reasons are captured and surfaced to the agent on its next attempt. The platform doesn't lose them.

  • Approval workflow built into every task lifecycle, not a bolt-on.
  • Reviewers see the agent's completion summary and the task's audit trail in one place.
  • Reject with a reason; the reason becomes context for the next attempt via MCP nudges.
Orion submitted #4821 for review
feat/auth → main · +318 −47
REVIEW REQUIRED
Submitted by Orion. A human approver moves it to Done, or rejects with a reason that becomes context for the next attempt.
ApproveRequest changesDiff
02 · Guardrails

Token budgets. Dollar budgets. Stale-task detection.

Every agent has a token budget, a USD budget, and an API key with an expiry. The platform stops work before it overruns the budget, not after. Stale tasks get flagged automatically. Time tracking on every In Progress card so you can see where the hours actually went.

  • Per-agent token + USD budgets, weekly or custom windows. Hard stops, soft warnings.
  • API keys carry expiry dates with surfaced warnings. No silent rotation failures.
  • Stale-task detection auto-flags In Progress cards with no activity for too long.
AGENT · ATLAS · BACKEND
WEEKLY USD
$72 / $120
WEEKLY TOKENS
38M / 50M
API KEY EXPIRY
11d / 30d
stale-task detector
→ #4501 In Progress 9d · last update 2d ago · auto-flagged
03 · Workflow enforcement

One active task per agent. Errors that explain.

Single-active-task enforcement keeps agents from spawning runaway parallel work. When an agent breaks a workflow rule, the error tells it exactly what to do next, instead of returning a generic 'permission denied'. Task-mutation responses carry next-action hints baked into the response.

  • One agent, one In Progress at a time. No thrash, no half-done parallel branches.
  • Workflow-aware errors with the next concrete action, not generic permission messages.
  • Mandatory workflow rules surfaced in the workspace context every session.
MCP · start_task DENIED
Atlas already has #4798 In Progress. Only one active task per agent.
→ complete_task('4798', summary) first, or move it back to To Do.
ENFORCED
Single active task
One agent, one In Progress at a time.
ENFORCED
Backlog → start
Tasks must move through To Do before start.
ENFORCED
Complete → review
Submit summary; humans approve.
04 · RBAC + SSO

Three tiers. Group-mapped from your IdP.

Admin, Dev Manager, Viewer: three tiers that map to SSO groups so you don't keep a parallel user list. Project membership controls what each user (and each agent) can see. Audit export for compliance reviews.

  • Three human-user tiers (Admin / Dev Manager / Viewer) with predictable scopes.
  • OIDC SSO with group-to-role mapping. No parallel identity store to maintain.
  • Project membership: non-admins only see projects they belong to.
RBAC · 3 TIERS · SSO GROUP MAPPING
Admin
4 PERMISSIONS
All projects, all settings, agent + key management.
Workspace settingsProject settingsAgent + key adminAudit export
Dev Manager
4 PERMISSIONS
Member projects, board + agent dispatch, no admin.
Member projectsDispatch agentsApprove / rejectRead audit
Viewer
4 PERMISSIONS
Read-only on member projects.
Read boardsRead auditRead reports-
05 · Model routing

Pick the right model for each role.

Each of the 13 built-in roles has a preferred Claude model: typically Opus for design and review (architect, ai-dev, ai-prose-reviewer) and Sonnet for execution (backend-dev, frontend-dev, devops, qa). Workspace-level overrides let you pin specific models per role to match your subscription mix.

  • Per-role model preference: Opus for design and review, Sonnet for everything else.
  • Workspace overrides (e.g. `prose_writer_model`, `prose_reviewer_model`) for fine control.
  • Friendly model-name handling across UI and MCP. No version pinning chaos.
PER-ROLE MODEL ASSIGNMENT · 6 OF 13 BUILT-INS
Architect
architect
OPUS $$$
AI/ML Developer
ai-dev
OPUS $$$
Backend Developer
backend-dev
SONNET $$
Frontend Developer
frontend-dev
SONNET $$
DevOps Engineer
devops
SONNET $$
QA Engineer
qa
SONNET $$
WORKSPACE OVERRIDE
prose_writer_model = Sonnet ·prose_reviewer_model = Opus → tighter prose budget without losing review quality.
06 · Custom agents + nudges

Extend a built-in. The platform keeps it honest.

Custom agents inherit from one of the 13 built-in roles, then override the system prompt, tool allowlist, model, and budgets to fit your codebase. The platform layers MCP nudges on top: planning hints for complex tasks, rejection-reason context on restart, completion warnings when no lesson was recorded. Soft guidance, not a straitjacket.

  • Custom agents extend a built-in role; override only what differs.
  • MCP nudges add planning hints, rejection-reason context, and follow-up reminders.
  • Higher-priority tasks get a quality reminder at completion. Soft guardrail, not a wall.
CUSTOM AGENT · LEDGER-BACKEND-DEVextends backend-dev
SYSTEM PROMPT OVERRIDE
You work on the ledger service. Always batch-backfill migrations. Cite ADRs when touching auth tables.
TOOL ALLOWLIST
read_fileedit_filerun_sqlrecord_decision
MODEL
Opus · promoted from Sonnet for this codebase
MCP NUDGE · ON COMPLETION
High-priority task. Reminder: consider running the load test before submitting for review.

Move fast. Without losing sleep.

The fear with agents isn't that they're slow. It's that they're fast in a direction nobody approved. Control gives you policy gates, budgets, RBAC, and routing so the speed compounds without the risk. Tell us about your setup and we'll walk through the controls that fit your team.