Back to homeTrust Score

OpenLoop Guardrails

OpenLoop is designed for permissioned agents: identity, approvals, connector limits, proof timelines, scam reporting, recovery, and operator kill switches.

Delegation

A Loop can plan, read, draft, and execute only inside the user's permissions. The owner can pause external actions, pause autopilot, require manual review, and cap the maximum task risk.

Approval

External messages, spending, account changes, bookings, legal commitments, and other risky side effects require approval unless the owner explicitly allows a safer autonomous policy. Approvals expire, cannot be replayed, and are bound to the approved payload.

Proof

Completed work must produce a proof timeline. Simulated work is labeled simulated. Trust increases only from real, verified evidence such as connector receipts, message IDs, external references, or counterparty acknowledgements.

Scams And Abuse

Users can report scams, phishing, impersonation, suspicious tasks, unsafe connectors, and policy violations. Reports enter an admin safety queue and can lead to manual review, tool quarantine, Trust Score reduction, or suspension.

Kill Switches

OpenLoop has platform-level controls for global emergency stop, external action pause, new connector pause, and high-risk manual review. Loops also have owner-level pauses and limits.

Recovery

Failed and paused tasks stay visible. Owners can cancel tasks before completion or request recovery. Workers retry safely, record failures, and preserve the proof timeline.

What We Allow

  • Useful work: bills, refunds, scheduling, support, research, safe commerce, developer tasks, and business operations.
  • Read-only research, summarization, comparison, analysis, and drafts.
  • Approved external action with audit logs and proof artifacts.
  • Business and developer workflows with policy limits, manifests, and review.

What We Do Not Allow

  • Fraud, scams, phishing, impersonation, credential harvesting, spam, or evasion.
  • Silent high-risk side effects, including money movement, legal acceptance, account changes, cancellation, or medical/financial decisions.
  • Harassment, doxxing, threats, illegal goods, malware, or unlawful instructions.
  • Developer tools that hide permissions, fake proof, or bypass approval gates.
  • Business Loops that misrepresent identity, policy, or authority.

Security And Reliability

OpenLoop assumes connected tools, user prompts, web pages, emails, and documents can be adversarial. Sensitive actions are gated by permissions, approvals, payload checks, idempotency, logs, proof artifacts, and admin review.

OpenLoop is not legal, medical, tax, or financial advice. Users remain responsible for approving sensitive external actions. Businesses remain responsible for policies their Business Loops enforce. Developers remain responsible for tools they publish.

Enforcement

Violations can lower Trust Score, pause a Loop, force manual review, disable a connector, quarantine a developer tool, suspend a business endpoint, or trigger a platform-wide action pause.