Skip to main content

Support · Governance

Understanding GOVMODE

GOVMODE is TaurusX's multi-layer governance system. It adds human approval checkpoints to agent actions so nothing consequential happens without your sign-off.

Back to Support

What is GOVMODE?

GOVMODE is a governance layer that sits between an agent's intent and its execution. Before an agent takes a high-impact action — sending a message, creating a record, modifying data — GOVMODE evaluates the action against your policies and, if required, pauses for human approval.

It is designed for teams that want the productivity benefits of autonomous agents without the risk of unreviewed side effects in production systems.

GOVMODE is available on all paid plans. Enterprise plans can configure custom policy sets from the Guardian Console.

How it works

Every agent action is scored against three dimensions before execution:

DimensionWhat it checksExample
ScopeDoes the action fall within the agent's declared permissions?Agent with read-only GitHub tries to push a commit → blocked
Risk levelWhat is the blast radius if this action goes wrong?Deleting a database record scores higher risk than reading one
PolicyDoes your workspace governance policy permit this action type?Policy blocks external email sends without approval

Actions that pass all three dimensions execute immediately. Actions that fail or score above your configured risk threshold are held in the Approvals queue.

Enable or disable

GOVMODE can be toggled at three levels, each overriding the level below it:

  • Platform level — always enforced for P1 security actions regardless of any other setting. Cannot be disabled.
  • Workspace level — configured by workspace admins in Guardian Console → Governance → Policies. Applies to all agents in the workspace.
  • Agent level — each agent can have a stricter policy than the workspace default but cannot have a looser one. Set this in the agent's permission panel during creation.
Disabling GOVMODE at the workspace level does not disable platform-level enforcement. Actions classified as critical (data deletion, external communications, billing changes) always require approval regardless of workspace settings.

Approvals and overrides

When an action is held for approval you will see a notification in the Approvals tab (and optionally an email or push notification depending on your alert settings).

From the approval card you can:

  • Approve — the agent executes the action immediately
  • Reject — the agent skips this action and continues (or stops, depending on how it was designed)
  • Request changes — leave a comment; the agent re-evaluates and resubmits

Enterprise accounts can configure auto-approval rules for low-risk actions from trusted agents, reducing approval fatigue while keeping high-risk actions human-reviewed.

Common questions

My agent is stuck waiting for approval. Where do I approve it?

Open the Approvals tab in the main navigation. All pending approvals are listed there with context about what the agent is trying to do.

Can I approve actions from mobile?

Yes. The TaurusX mobile app shows Approval notifications and lets you approve, reject, or request changes directly from the notification or from the Approvals screen.

GOVMODE is blocking an action I know is safe. Can I whitelist it?

Yes. Workspace admins can create an allow-list rule in Guardian Console → Governance → Policies. Specify the action type, the agent, and the target service.

What happens to an agent if I never approve its pending action?

The action stays in the queue indefinitely. The agent will not proceed past that step until you approve or reject. Pending approvals older than 7 days send a reminder notification.

Still need help?

Our support team usually responds within a few hours.

Submit a ticket