← Back to blog
Trust2 min read
Trust-gated autonomy is a product feature, not a policy slide
How R1/R2/R3 risk classes shape approval requirements and automation boundaries.
Theo Boutron
Autonomy without trust controls is not speed. It is deferred incidents.
Our baseline classes:
- R1 low blast radius
- R2 shared workflow impact
- R3 compliance, security, billing, irreversible risk
Concrete examples:
- R1: low-impact draft update with safe rollback
- R2: cross-team schedule reallocation affecting delivery windows
- R3: permission model change or billing-impacting automation
Operational rule
- R1 can proceed with lightweight checks
- R2 requires explicit reviewer sign-off
- R3 requires strict approvals and auditable traceability
Operational edge
This model keeps velocity high on low-risk paths, and keeps high-risk paths auditable and reversible.
Proof anchor
See governance evidence rows in:
specs/competition_killer_pack/CLAIM_EVIDENCE_MATRIX_2026-02-24.md
Book a 15-min call
Book a 15-min callRelated articles
The Loop2 min read
MCP-first runtime shipped: one core, many surfaces
The contract core now drives web, API, MCP, and GPT from one runtime model.
Theo Boutron
Outbound3 min read
Meeting intelligence now compiles into execution
I shipped meeting intelligence as an execution compiler, not a recap archive.
Theo Boutron
Outbound3 min read
Scheduling is now policy-aware execution, not calendar theater
I shipped scheduling and booking as a decision engine with policy and risk controls.
Theo Boutron