skills/marketing-loops/references/loop-guardrails.md
Loops act on a schedule, often on customer data, sometimes with money or a public voice. This reference consolidates the safety rules that keep autonomous loops from doing harm. Apply it to every loop that sends, spends, publishes, or touches personal data.
Classify every action a loop can take:
Tier 1 — Autonomous-safe (a loop may do these unattended): read data, analyze, diff, score, draft, and stage work for review.
Tier 2 — Gated (require a human checkpoint by default): spend money, shift budget, send messages, publish anything public, delete/suppress records, change live account settings.
A Tier-2 action may run without a per-action human check only if the user has explicitly authorized it and it's bounded by caps + an allowlist (below). Absent that, the loop stages a draft and a human approves.
Match each rule to the loops it governs:
When a loop can't confirm consent, permission, or ToS-compatibility, its stop condition is "don't act": stage the work for a human instead.
These never run fully autonomously — route to a human regardless of authorization:
Every scheduled loop needs a manual off switch, and you should know how to stop all loops fast (disable the schedule / cron, or a global flag the loop bodies check). Document it where the loops are scheduled. A loop you can't stop quickly is a liability.
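One way to enforce the tier rule, the caps and allowlist bound, and the global off switch in a single check that every loop body calls before acting. This is an added example, not code from this skill: the action names, the `LOOPS_DISABLED` environment variable, the `Grant`/`Gate` classes, and the sample targets are assumptions, and `never_autonomous` is filled with a constructed placeholder value.

```python
import os
from dataclasses import dataclass, field

# Action names are assumptions derived from the Tier 1 / Tier 2 descriptions.
TIER1 = {"read", "analyze", "diff", "score", "draft", "stage"}
TIER2 = {"spend", "shift_budget", "send", "publish", "delete", "change_settings"}
KILL_FLAG = "LOOPS_DISABLED"  # hypothetical env var acting as the global off switch

@dataclass
class Grant:
    """Explicit user authorization for one Tier-2 action type."""
    allowlist: frozenset   # targets the user approved
    cap: float             # maximum cumulative amount for this loop run
    used: float = 0.0

@dataclass
class Gate:
    grants: dict = field(default_factory=dict)   # action name -> Grant
    never_autonomous: frozenset = frozenset()    # always routed to a human

    def decide(self, action, target=None, amount=0.0):
        """Return 'halt', 'run', or 'stage' (draft held for human approval)."""
        if os.environ.get(KILL_FLAG) == "1":
            return "halt"                  # the off switch wins over everything
        if action in self.never_autonomous:
            return "stage"                 # authorization cannot override this
        if action in TIER1:
            return "run"
        grant = self.grants.get(action)
        if action not in TIER2 or grant is None:
            return "stage"                 # unknown or unauthorized: fail closed
        if target not in grant.allowlist:
            return "stage"                 # target outside the allowlist
        if amount < 0 or grant.used + amount > grant.cap:
            return "stage"                 # would exceed the cap
        grant.used += amount               # count only what actually runs
        return "run"

def run_sample():
    """Constructed sample: 'spend' and 'delete' are granted, 'delete' is never autonomous."""
    grants = {"spend": Grant(frozenset({"campaign-A"}), cap=100.0),
              "delete": Grant(frozenset({"record-9"}), cap=5.0)}
    gate = Gate(grants, never_autonomous=frozenset({"delete"}))
    calls = [("score", None, 0), ("spend", "campaign-A", 60),
             ("spend", "campaign-A", 60), ("spend", "campaign-B", 10),
             ("send", "list-1", 1), ("delete", "record-9", 1)]
    return [gate.decide(a, t, n) for a, t, n in calls]
```

Anything other than `run` means the loop body writes a draft for review, and `halt` means it exits without staging further work.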
Before scheduling any loop that sends, spends, publishes, or touches personal data: