Skip to main content
Governance is Forge’s answer to a fundamental question in autonomous agent orchestration: how do you let agents act fast while keeping humans in control? Every step an agent dispatches, every workflow run launched, and every delegated execution passes through a governance pipeline before it touches a gateway. The pipeline evaluates a sequence of , checks declarative policies, enforces budget ceilings, and — when required — pauses execution for human approval. The result is a that either allows the action, blocks it with a structured explanation, or holds it pending operator approval.

🏛️ The Three Pillars

Forge governance rests on three pillars that work together as a layered defense:
Safety Gates

10-gate sequential pipeline. Health, status, concurrency, rate limits, budgets, trust, context, policies.

Declarative Policies

Condition-based rule engine. Block, require approval, warn, or log. Scoped: global, gateway, agent, env.

Budget Controls

Hierarchical budget envelopes. Daily, weekly, monthly periods. Auto-pause on exhaustion.

🛡️ Governance Pipeline

When a workflow step is ready to dispatch, the interpreter calls the governance engine. The engine evaluates a sequence of gates in strict order. If any gate blocks, remaining gates are skipped and the decision is returned immediately. This fail-fast behavior keeps governance evaluation fast — typically completing in single-digit milliseconds.

GOVERNANCE PIPELINE

Interpreter. Dispatch Request

Step ready in DAG. Calls governance engine with full context.

evaluate
Safety Gates. 10 Sequential Gates (fail-fast)
1Gateway Health

Infrastructure

2Agent Status

Lifecycle

3Concurrency

Resource Limit

4Rate Limit

Throughput

5Agent Budget

Cost Control

6Envelope Budget

Cost Control

7Trust Level

Access Control

8Ctx Trust

Provenance

9Policy Rules

Declarative

10Approval

HITL

decision
Allow

All gates passed. Step proceeds to gateway dispatch.

Block

Gate failed. Step marked failed with structured error code.

Hold

Approval required. Execution pauses for human decision.

📋 Gate Summary

Every governance evaluation produces a GovernanceDecision containing the outcome of each gate. Here is the full gate sequence for step dispatch:
#GatePurposeBlocks WhenRetryable
1Gateway HealthVerify the target gateway is operationalGateway is offlineNo
2Agent StatusVerify the agent is not paused, terminated, or in errorAgent is paused/terminated/errorPaused only
3ConcurrencyEnforce per-agent concurrent step limitsRunning steps at or above max limitYes
4Rate LimitEnforce dispatch rate limits via sliding windowAgent exceeds rate limitYes
5Agent BudgetCheck agent-level monthly budget ceilingSpent at or above budget limitNo
6Envelope BudgetsCheck all applicable budget envelopes (global, gateway, agent)Any envelope exhaustedNo
7Trust LevelVerify agent trust level meets gateway minimumAgent trust below gateway minimumNo
8Context TrustVerify dispatch context provenance meets role requirementsSource class rejected or context staleFreshness only
9Policy RulesEvaluate declarative policies (block/require_approval)Policy with block action matchesNo
10Approval RequiredCheck if HITL approval is required and whether it existsPolicy requires approval and none existsNo
Gate 3 (Concurrency) is skipped for delegated run dispatch since delegated runs manage their own sub-step concurrency. The launch preflight pipeline uses a different gate sequence entirely — see Safety Gates for details.

⚖️ GovernanceDecision

Every governance evaluation produces a GovernanceDecision record. This is the single source of truth for what happened during evaluation and is persisted as an audit event for every dispatch attempt. The decision includes:
  • dispositionpass, block, or hold
  • gates — Outcome of every gate (pass, fail, or skipped with reason)
  • blockedBy — When blocked: gate name, error code, message, and whether the failure is retryable
  • heldBy — When held: policy name, policy ID, and trigger that caused the hold
  • budgetSnapshot — Current spend and limits for the agent and all envelopes
  • trustSnapshot — Agent trust level and gateway minimum requirement
  • contextTrustSnapshot — Role trust config vs dispatch provenance evaluation
  • scopeConstraints — Role-derived constraints (environments, tool allow/deny lists, data access)
  • actorIdentity — Structured identity envelope for the actor
  • roleSnapshot — Resolved role ID, name, and autonomy tier
  • explanation — Structured explanation with reasons and unblock hints
  • evaluatedAt / durationMs — Timestamp and evaluation duration
The explanation field provides machine-readable reasons for every gate outcome and, for block/hold decisions, concrete unblock hints that tell operators exactly what would need to change for the decision to flip. This data is queryable via the Platform API and powers governance explanation surfaces in operator interfaces. See the Burgundy Dashboard Guide for the operator experience.

📋 Audit Trail

Every GovernanceDecision is persisted in the auditEvents table with category governance or safety_gate. Events are retained for 365 days and are filterable by category, actor type, resource type, and timestamp. The audit trail provides complete traceability for every governance decision made by the platform.

🚀 Next Steps