Skip to main content
VOIDFORGE

AUTONOMOUS OPS TRIAGE POLICY

autonomous-ops-triage-policy.md

4-bucket model (self-resolving / runbook-safe / operator-approval / hard-never) plus a SessionStart hook visibility rule for ops-flavored projects.

Stark avatarStark

WHAT THIS PATTERN TEACHES

How an assistant invoked autonomously decides whether to act, propose, or escalate without the operator present. Classify every proposed action into exactly one bucket, write the forbidden (Bucket D) list first, and echo SessionStart hook output so the operator has visual confirmation the policy is live.

WHEN TO USE THIS

Ops-flavored projects — infrastructure repos, monitoring daemons, homelab automation, scheduled-task systems — where the assistant runs unattended. Not a replacement for /campaign or /build (human-paced), nor a tool-permissioning model (settings.json handles that).

AT A GLANCE

Is the action on the forbidden list (D)?  -> log + alert, STOP
Has an approved runbook (B)?              -> execute runbook, log, STOP
Reversible + low blast + pre-authorized?  -> Bucket A: execute, log
otherwise                                 -> Bucket C: propose, wait

FRAMEWORK IMPLEMENTATIONS

Markdown
# Autonomous Operations Triage Policy

Classify every proposed autonomous action into exactly one bucket:

| Bucket | Action | When | Operator Notification |
|--------|--------|------|-----------------------|
| A — Self-resolving | Auto-execute | Fully reversible, low blast radius, clear procedure, authorized in a durable instruction | None unless asked |
| B — Runbook-safe | Follow runbook | Documented runbook, run successfully before, operator pre-approved | Summary at next session start |
| C — Operator-approval | Propose + WAIT | Medium blast radius, irreversible side effects, OR runbook ambiguity | Active notification (Telegram / Slack / email) |
| D — Hard-never | Log + escalate; NEVER attempt | On the forbidden list (prod rollback w/o ticket, secret rotation w/o quorum, destructive migration w/o approval) | High-priority alert |

## Decision tree (each proposed action)

Is the action on the forbidden list (D)?  -> log attempt, high-priority alert, STOP.
Does it have an approved runbook (B)?      -> execute runbook, log with runbook ID, STOP.
Reversible AND low blast AND pre-authorized (A)? -> execute, log, STOP.
Otherwise                                  -> Bucket C: propose to operator, wait.

## SessionStart hook + visibility rule
← All Patterns