Use cases

High-Integrity Coordination.

consensus.tools is not for "creativity." It is for gatekeeping, approval, and classification where correctness compounds and failure is expensive.

Agentic Workflow Decision Gates

The "brake pedal" for autonomous systems. Ensuring irreversible actions are safe.

Action Approval Gate

High Risk

Should the agent proceed with an irreversible action (send email, push code, execute trade)?

Policy: SUPERMAJORITY
Guard: agent-action
On Block: Page oncall + block action

Tool Selection Arbitration

Medium Risk

Which tool should be used next? API vs scraper vs human escalation.

Policy: MAJORITY_VOTE
Guard: agent-action
On Block: Fallback to safe default tool

Plan Selection Consensus

High Risk

Multiple agents propose plans — choose which plan is safest and most efficient.

Policy: SUPERMAJORITY
Guard: agent-action
On Block: Queue for human review

Risk-Weighted Communication

Arbitrating tone, posture, and risk where agents intersect with humans.

Outbound Email Approval

Medium Risk

Should this email be sent as-is, softened, or withheld?

Policy: MAJORITY_VOTE
Guard: send-email
On Block: Hold in draft queue

Legal / Compliance Check

High Risk

Does this wording introduce legal or contractual risk?

Policy: HUMAN_IN_THE_LOOP
Guard: publish
On Block: Block + escalate to legal

Negotiation Posture Selection

High Risk

Push back, concede, delay, or counter?

Policy: SUPERMAJORITY
Guard: agent-action
On Block: Queue for human review

Change Management

The biggest sleeper: ensuring system changes don't break backward compatibility.

Config Change Approval

High Risk

Is this infrastructure or configuration change safe to apply now?

Policy: SUPERMAJORITY
Guard: deployment
On Block: Revert and notify team

Feature Flag Arbitration

Medium Risk

Should this experimental feature be enabled, disabled, or rolled back?

Policy: MAJORITY_VOTE
Guard: deployment
On Block: Hold change pending review

API Version Deprecation

High Risk

Is it the right time to sunset this version based on usage and stability?

Policy: HUMAN_IN_THE_LOOP
Guard: deployment
On Block: Block + require explicit approval

Escalation & Acceptance

Defining the human handoff line and what becomes "source of truth".

Acceptance Gates

High Risk

Gatekeeping agent output: Accept vs reject, publish vs sandbox.

Policy: SUPERMAJORITY
Guard: code-merge
On Block: Block merge + page reviewer

Escalation Thresholds

Medium Risk

Does this issue warrant immediate human intervention or further automation?

Policy: VETO_BASED
Guard: agent-action
On Block: Escalate to senior oncall

Verification & Validation

Low Risk

Unsexy but unstoppable: did the calculation or test pass sufficiently?

Policy: MAJORITY_VOTE
Guard: agent-action
On Block: Log warning + continue

OWASP Top 10 Security Risks

Every OWASP Top 10:2021 risk mapped to a guard type, consensus policy, and block resolution.

A01:2021

Broken Access Control

High Risk

Agent attempts privilege escalation or accesses resources outside its authorization scope.

Policy: VETO_BASED
Guard: permission-escalation
On Block: Block + append audit trail

A02:2021

Cryptographic Failures

High Risk

Code change introduces plaintext secrets, weak ciphers, or unencrypted data in transit.

Policy: SUPERMAJORITY
Guard: code-merge
On Block: Block merge + trigger security review

A03:2021

Injection

High Risk

Agent-generated tool call contains SQL, command, or prompt injection patterns.

Policy: VETO_BASED
Guard: agent-action
On Block: Block all injection-flagged calls

A04:2021

Insecure Design

High Risk

Proposed architecture lacks threat modeling or skips required security controls.

Policy: HUMAN_IN_THE_LOOP
Guard: code-merge
On Block: Block + route to security design review

A05:2021

Security Misconfiguration

High Risk

Deployment config exposes debug endpoints, default credentials, or permissive CORS.

Policy: SUPERMAJORITY
Guard: deployment
On Block: Revert deploy + page oncall

A06:2021

Vulnerable & Outdated Components

Medium Risk

Merge introduces a dependency with a known CVE or CVSS score above threshold.

Policy: MAJORITY_VOTE
Guard: code-merge
On Block: Hold PR + trigger dependency scan

A07:2021

Identification & Auth Failures

High Risk

Auth bypass, weak session management, or brute-force path detected in agent action.

Policy: VETO_BASED
Guard: permission-escalation
On Block: Block + force re-authentication

A08:2021

Software & Data Integrity Failures

High Risk

Release pipeline includes unverified artifacts, tampered builds, or unsigned packages.

Policy: SUPERMAJORITY
Guard: deployment
On Block: Block release + integrity alert

A09:2021

Security Logging & Monitoring Failures

Medium Risk

Deployment would disable or misconfigure audit logging, alerting, or anomaly detection.

Policy: MAJORITY_VOTE
Guard: deployment
On Block: Hold + inject required audit hooks

A10:2021

Server-Side Request Forgery

High Risk

Agent initiates an outbound request to an internal or metadata endpoint.

Policy: VETO_BASED
Guard: agent-action
On Block: Block + log full request context

The consensus.tools pattern

"Most agent failures come from acting when they shouldn't. consensus.tools provides the control layer for autonomy."

Gatekeeping, Approval, Classification, Verification, Security