Automation Skips Required Approval

An automated AI or workflow step proceeds past an approval gate that should have been required before action.

What This Looks Like

An automated AI or workflow step proceeds even though approval should have been required. It may send, update, route, publish, escalate, delete, notify, call a tool, or modify state without waiting for the required human or system approval gate.

Why It Matters

Approval gates are control points. If automation skips them, the workflow may perform actions that have not been authorized, reviewed, or accepted. This can create compliance, safety, audit, and recovery problems because the action has already happened before authority is confirmed.

Structural Signal

An action crosses an approval boundary without the required authority state. The issue is not merely that automation acted quickly; it is that the approval condition was missing, bypassed, or not enforced.

Common Triggers

Approval requirements are documented but not encoded in automation
The agent treats generated output as approval
A tool or workflow executes after classification without a gate
Approval state is stored separately and not checked before action
Default automation paths skip edge-case approvals
A retry or repair path bypasses the normal approval step

When to Use This Issue

Use this Issue when automation proceeds past a required approval gate and performs or triggers action without the needed approval.

When Not to Use This Issue

Do not use this Issue when approval was not required. Do not use it when the problem is that approval was slow or denied. This Issue applies when a required approval boundary is skipped.

Primary Pattern

PAT-0120 — Missing Authority

Declared Patterns

PAT-0120 — Missing Authority
A structural condition where a region, action, state, or decision path exists without a declared governing authority.
PAT-0420 — Undeclared Side Effect
A structural condition where an operation modifies regions outside its declared target scope without a declared propagation or side-effect rule.
PAT-0180 — Compatibility Violation
A structural condition where a graph, object, behavior, or runtime state exceeds a declared compatibility envelope without an authorized exception.

Derived Primary Lenses

LEN-0100 — Absence Lens
Detects structurally required elements that are missing from the observed structure.
LEN-0110 — Authority Overlay Lens
Maps declared authority hierarchies onto observed structure to detect absence, override, or conflict.
LEN-0130 — Compatibility Envelope Lens
Determines whether structure fits within declared runtime, platform, version, or support constraints.
LEN-0240 — Overreach Lens
Detects structure that exceeds declared scope or authority reach.
LEN-0250 — Propagation Lens
Traces how structural declarations, effects, or state changes propagate across boundaries or stages.

Derived Secondary Lenses

LEN-0120 — Boundary Compliance Lens
Evaluates observed structure against declared boundary posture, including allow, block, and exception rules.
LEN-0150 — Conflict Lens
Detects mutually incompatible constraints, claims, states, or declarations that cannot be simultaneously satisfied.
LEN-0220 — Isolation Boundary Lens
Evaluates whether structural constraints, effects, and regions remain contained within declared boundaries.
LEN-0270 — Reconciliation Lens
Evaluates whether structural changes align with declared authority updates, version changes, or reconciliation rules.

Search Intents

automation skips required approval
AI automation bypassed approval
workflow skipped approval gate
agent acted without required approval
approval gate bypassed
automated action skipped review

Ontology Metadata

Code: ISS-0111
Version: ISS-0111@0.1.0
Ontology release: 0.1.0
Updated: 2026-05-10T00:00:00Z

History

No public history entries recorded.

View full ontology changelog