Use cases
Approve the risky
actions. Block the rest.
consensus.tools handles the decisions where being wrong is expensive: gatekeeping, approval, and classification for the actions that ship a bug, send the wrong email, or break prod.
Agentic Workflow Decision Gates
A brake pedal for autonomous systems: it stops irreversible actions before they run.
Action Approval Gate
Should the agent proceed with an irreversible action (send email, push code, execute trade)?
Tool Selection Arbitration
Which tool should be used next? API vs scraper vs human escalation.
Plan Selection Consensus
When multiple agents propose plans, pick the one that is safest and most efficient.
Risk-Weighted Communication
Deciding how careful an agent should be whenever it talks to a real person.
Outbound Email Approval
Should this email be sent as-is, softened, or withheld?
Legal / Compliance Check
Does this wording introduce legal or contractual risk?
Negotiation Posture Selection
Push back, concede, delay, or counter?
Change Management
Catch config and API changes that quietly break backward compatibility.
Config Change Approval
Is this infrastructure or configuration change safe to apply now?
Feature Flag Arbitration
Should this experimental feature be enabled, disabled, or rolled back?
API Version Deprecation
Is it the right time to sunset this version based on usage and stability?
Escalation & Acceptance
Defining the human handoff line and what becomes "source of truth".
Acceptance Gates
Gate agent output: accept or reject, publish or sandbox.
Escalation Thresholds
Does this issue warrant immediate human intervention or further automation?
Verification & Validation
Did the calculation or test actually pass the bar you set?
OWASP Top 10 Security Risks
Every OWASP Top 10:2021 risk mapped to a guard type, consensus policy, and block resolution.
Broken Access Control
Agent attempts privilege escalation or accesses resources outside its authorization scope.
Cryptographic Failures
Code change introduces plaintext secrets, weak ciphers, or unencrypted data in transit.
Injection
Agent-generated tool call contains SQL, command, or prompt injection patterns.
Insecure Design
Proposed architecture lacks threat modeling or skips required security controls.
Security Misconfiguration
Deployment config exposes debug endpoints, default credentials, or permissive CORS.
Vulnerable & Outdated Components
Merge introduces a dependency with a known CVE or CVSS score above threshold.
Identification & Auth Failures
Auth bypass, weak session management, or brute-force path detected in agent action.
Software & Data Integrity Failures
Release pipeline includes unverified artifacts, tampered builds, or unsigned packages.
Security Logging & Monitoring Failures
Deployment would disable or misconfigure audit logging, alerting, or anomaly detection.
Server-Side Request Forgery
Agent initiates an outbound request to an internal or metadata endpoint.
The consensus.tools pattern
Most agent failures come from acting when they shouldn't. consensus.tools makes them ask first.