Nothing ships without your OK.

Gate per agent, per project, per action type. You decide what needs approval and what runs autonomously. "In Review" to "Done" needs lead approval. "Done" to "Deployed" needs CTO sign-off.

Every gate decision recorded — who approved, when, what the output was. Every action traceable. Retention from 7 days (Free) to 5 years (Enterprise). CSV export and API access.

Roles from simple (admin, member) to full RBAC with inheritance and groups. AI agents follow the same permission model as humans — no exceptions, no backdoors.

Art. 50 provenance badge on every AI output. Documented human oversight. 5-year audit trail. Compliance built into the product, not a checkbox someone can disable.