Governance is Forge’s answer to a fundamental question in autonomous agent orchestration: how do you let agents act fast while keeping humans in control? Every step an agent dispatches, every workflow run launched, and every delegated execution passes through a governance pipeline before it touches a gateway. The pipeline evaluates a sequence of safety gates, checks declarative policies, enforces budget ceilings, and, when required, pauses execution for human approval. The result is a GovernanceDecision that either allows the action, blocks it with a structured explanation, or holds it pending operator approval.

The Three Pillars

Forge governance rests on three pillars that work together as a layered defense:

  • Safety Gates: Fail-fast sequential pipeline. Two pipelines: dispatch (11 checks) and launch preflight (5 gates).
  • Declarative Policies: Condition-based rule engine. Block, require approval, warn, or log. Scoped: global, gateway, agent, env.
  • Budget Controls: Hierarchical budget envelopes. Daily, weekly, monthly periods. Auto-pause on exhaustion.

Governance Pipeline

Forge uses two governance pipelines, selected by action type. The dispatch pipeline evaluates step and delegated-run dispatches through a sequence of safety gates. The launch pipeline runs a lighter preflight check before a workflow run is created. Both are fail-fast: if any gate blocks, remaining gates are skipped and the decision is returned immediately. This keeps governance evaluation fast — typically completing in single-digit milliseconds.

Dispatch pipeline (step_dispatch / delegated_run_dispatch)

  • Interpreter (dispatch request): Step ready in DAG. Calls governance engine with full context.
  • Safety gates: 11 sequential checks (fail-fast), each shown with its category:
      1. Gateway Health (Infrastructure)
      2. Agent Status (Lifecycle)
      3. Identity (NHI) (Credential)
      4. Concurrency (Resource Limit)
      5. Rate Limit (Throughput)
      6. Agent Budget (Cost Control)
      7. Envelope Budget (Cost Control)
      8. Trust + Autonomy (Access Control)
      9. Context Trust (Provenance)
      10. Policy Rules (Declarative)
      11. Approval (HITL)
  • Decision:
      Allow: All gates passed. Step proceeds to gateway dispatch.
      Block: Gate failed. Step marked failed with structured error code.
      Hold: Approval required. Execution pauses for human decision.

Gate Summary

Every governance evaluation produces a GovernanceDecision containing the outcome of each gate. Here is the full gate sequence for step dispatch (the primary pipeline):

| # | Gate | Purpose | Blocks When | Retryable |
|---|------|---------|-------------|-----------|
| 1 | Gateway Health | Verify the target gateway is operational | Gateway is offline | No |
| 2 | Agent Status | Verify the agent is not paused, terminated, or in error | Agent is paused/terminated/error | Paused only |
| 3 | Identity (NHI) | Validate agent Non-Human Identity credential | NHI credential expired | No |
| 4 | Concurrency | Enforce per-agent concurrent step limits | Running steps at or above max limit | Yes |
| 5 | Rate Limit | Enforce dispatch rate limits via sliding window | Agent exceeds rate limit | Yes |
| 6 | Agent Budget | Check agent-level monthly budget ceiling | Spent at or above budget limit | No |
| 7 | Envelope Budgets | Check all applicable budget envelopes (global, gateway, agent) | Any envelope exhausted | No |
| 8 | Trust Level + Autonomy | Verify agent trust level meets gateway minimum and autonomy rung permits the action type | Agent trust below gateway minimum, or rung blocks action | No |
| 9 | Context Trust | Verify dispatch context provenance meets role requirements | Source class rejected or context stale | Freshness only |
| 10 | Policy Rules | Evaluate declarative policies (block/require_approval) | Policy with block action matches | No |
| 11 | Approval Required | Check if HITL approval is required and whether it exists | Policy requires approval and none exists | No |

The launch preflight pipeline (workflow_run_launch) uses a separate 5-gate sequence: authorityPosture, gatewayHealth, workflowReadiness, policyRules, approvalRequired. This lighter pipeline checks whether the execution authority posture permits run creation, whether the workflow has a valid version, and whether launch policies require approval.

Gate 4 (Concurrency) is skipped for delegated run dispatch since delegated runs manage their own sub-step concurrency. The identity gate (gate 3) degrades gracefully — agents without NHI credentials pass until NHI provider integration is complete. See Safety Gates for full gate details.

GovernanceDecision

Every governance evaluation produces a GovernanceDecision record. This is the single source of truth for what happened during evaluation and is persisted as an audit event for every dispatch attempt. The decision includes:
  • disposition — pass, block, or hold
  • gates — Outcome of every gate (pass, fail, or skipped with reason)
  • blockedBy — When blocked: gate name, error code, message, and whether the failure is retryable
  • heldBy — When held: policy name, policy ID, and trigger that caused the hold
  • budgetSnapshot — Current spend and limits for the agent and all envelopes
  • trustSnapshot — Agent trust level and gateway minimum requirement
  • contextTrustSnapshot — Role trust config vs dispatch provenance evaluation
  • scopeConstraints — Role-derived constraints (environments, tool allow/deny lists, data access)
  • actorIdentity — Structured identity envelope for the actor
  • roleSnapshot — Resolved role ID, name, and autonomy tier
  • explanation — Structured explanation with reasons and unblock hints
  • evaluatedAt / durationMs — Timestamp and evaluation duration
The explanation field provides machine-readable reasons for every gate outcome and, for block/hold decisions, concrete unblock hints that tell operators exactly what would need to change for the decision to flip. This data is queryable via the Platform API and powers governance explanation surfaces in operator interfaces. See the Forge Console Guide for the operator experience.
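
The fail-fast evaluation and the decision record it produces, as an added example that is not Forge's own code. It models four of the eleven dispatch gates; the gate checks, error codes and the DispatchContext shape are assumptions, while the output field names follow the list above.

```typescript
// Added example. Field names follow the GovernanceDecision list above; gate
// checks, error codes and the DispatchContext shape are hypothetical.
type GateOutcome = { gate: string; status: "pass" | "fail" | "skipped"; reason?: string };
type GateResult =
  | { ok: true }
  | { ok: false; hold?: boolean; code: string; message: string; retryable: boolean };
interface DispatchContext {
  actionType: "step_dispatch" | "delegated_run_dispatch";
  gatewayOnline: boolean;
  runningSteps: number; maxConcurrent: number;
  spent: number; budgetLimit: number;
  approvalRequired: boolean; approvalExists: boolean;
}
interface Gate { name: string; skipFor?: string; check: (c: DispatchContext) => GateResult }

const pass: GateResult = { ok: true };
const fail = (code: string, message: string, retryable: boolean, hold = false): GateResult =>
  ({ ok: false, hold, code, message, retryable });

// Four of the eleven dispatch gates, kept in table order (1, 4, 6, 11).
const GATES: Gate[] = [
  { name: "gatewayHealth",
    check: c => (c.gatewayOnline ? pass : fail("GATEWAY_OFFLINE", "gateway is offline", false)) },
  { name: "concurrency", skipFor: "delegated_run_dispatch", // delegated runs skip gate 4
    check: c => (c.runningSteps < c.maxConcurrent ? pass : fail("CONCURRENCY_LIMIT", "at max running steps", true)) },
  { name: "agentBudget",
    check: c => (c.spent < c.budgetLimit ? pass : fail("BUDGET_EXHAUSTED", "spent at or above limit", false)) },
  { name: "approvalRequired",
    check: c => (!c.approvalRequired || c.approvalExists ? pass : fail("APPROVAL_PENDING", "awaiting approval", false, true)) },
];

function evaluate(ctx: DispatchContext) {
  const started = Date.now();
  const gates: GateOutcome[] = [];
  let disposition = "pass" as "pass" | "block" | "hold";
  let blockedBy: { gate: string; code: string; message: string; retryable: boolean } | undefined;
  let heldBy: { trigger: string } | undefined;
  for (const g of GATES) {
    if (disposition !== "pass") { gates.push({ gate: g.name, status: "skipped", reason: "fail-fast" }); continue; }
    if (g.skipFor === ctx.actionType) { gates.push({ gate: g.name, status: "skipped", reason: "not applicable" }); continue; }
    const r = g.check(ctx);
    if (r.ok) { gates.push({ gate: g.name, status: "pass" }); continue; }
    // A gate that holds is recorded as "fail" here; how Forge records it is not stated on the page.
    gates.push({ gate: g.name, status: "fail", reason: r.code });
    if (r.hold) { disposition = "hold"; heldBy = { trigger: g.name }; }
    else { disposition = "block"; blockedBy = { gate: g.name, code: r.code, message: r.message, retryable: r.retryable }; }
  }
  return { disposition, gates, blockedBy, heldBy,
    evaluatedAt: new Date(started).toISOString(), durationMs: Date.now() - started };
}
```

A caller can branch on `blockedBy.retryable` to decide between re-queuing the step (concurrency, rate limit) and marking it failed.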

Audit Trail

Every GovernanceDecision is persisted in the auditEvents table with category governance or safety_gate. Events are retained for 365 days and are filterable by category, actor type, resource type, and timestamp. The audit trail provides complete traceability for every governance decision made by the platform.
