
Policy

runtime

Real policy stoplist for action classes, approval gates, recoverable blocks, forbidden paths and temporary exceptions across the BrandGym runtime control plane.

Seed Runtime

Open Stops: 3 (review / approval / blocked)
Critical: 2 (highest severity)
Exception Requests: 1 (needs operator decision)
Forbidden Paths: 1 (never allow)

Policy stoplist

No autonomous publish path should be possible until approval and takeover are both satisfied.
Linked surface: browser-ops
Action class: external-write
Scope: campaign / budget / audience
Owner: operator
Trigger: High-risk provider action with operator-assisted credential and MFA dependency.
Required action: Require explicit approval, takeover-capable session and visible audit trail before execution.

Policy stop should be treated as recoverable continuity, not silent failure.
Linked surface: credentials
Action class: external-write
Scope: profile edits / opening hours / listing content
Owner: operator
Trigger: Session-bound credential is not currently renewed.
Required action: Move dependent work into waiting-for-session and launch guided re-auth.

Prevents false confidence while UI slices are still transitioning toward persistence.
Linked surface: execution
Action class: internal-ops
Scope: runtime control plane messaging
Owner: jimmy
Trigger: Views are structurally real but still backed by seed data, not persisted runtime state.
Required action: Label the surfaces as operator-canon / pre-live and avoid overstating live-runtime guarantees.

The console must never become a secret viewer.
Linked surface: credentials
Action class: secret-read
Scope: raw credential exposure
Owner: emily
Trigger: Runtime console may expose health and binding state, but never secret values.
Required action: Keep vault state abstracted to metadata, health, usability and required recovery actions only.

Policy trends

Most common stop class: session / re-auth
Credential continuity is currently the main source of policy-linked waiting states.

Highest risk domain: external writes
Browser submits, budget changes and publishing remain the sharp edge of the policy model.

Current governance gap: exception handling UX
Stops and approvals are defined, but operator override flows still need dedicated product treatment.

Exception lane

Temporary operator-assisted browser takeover for Meta setup
Status: requested
browser / meta / operator-assisted · Need a narrow path to continue high-value setup work before the final autonomous governance loop is complete.
Guardrail: Only allowed with explicit approval, audit evidence and no autonomous final submit.
Expires: after v1 takeover flow

Seed-backed runtime console access for architecture validation
Status: active
brandgym-dev / internal control plane · UI architecture needs to be exercised before persistence and live queues are fully connected.
Guardrail: Clearly framed as pre-live operator validation; no claims of production-backed queue truth.
Expires: until persistence slice ships