Human-in-the-Loop: When Agents Ask for Help

Why Full Autonomy Is Rarely Appropriate

Fully autonomous agents sound appealing in theory: hand off a task and get the result without further involvement. In practice, full autonomy is appropriate only for well-defined tasks with limited consequences for errors. A fully autonomous agent that summarizes documents or classifies support tickets operates in a safe domain where mistakes are easily detected and corrected. A fully autonomous agent that sends emails to customers, modifies production databases, or publishes content operates in a domain where mistakes can damage relationships, corrupt data, or expose the organization to legal risk.

The trust question is fundamental: how much do you trust the agent to make decisions correctly? Trust should be earned through demonstrated performance, not assumed from the start. New agents start with maximum human oversight and earn more autonomy as they prove reliable. This graduated trust model prevents costly mistakes during the period when the agent behavior is least understood and most likely to contain bugs.

Even well-tested agents encounter novel situations that their designers did not anticipate. A customer support agent trained on thousands of tickets will eventually encounter a ticket type it has never seen. A data analysis agent will encounter data formats it was not designed to handle. These edge cases are where human judgment is most valuable, because humans can apply common sense, domain expertise, and ethical reasoning that the agent lacks.

Approval Gates

Approval gates pause the agent at specific points and wait for explicit human approval before proceeding. The gate presents the human with the proposed action (what the agent wants to do), the context (why the agent wants to do it), and the expected impact (what will change if the action is approved). The human can approve, reject, or modify the proposed action.

Gate placement should be determined by risk, not by frequency. Actions with irreversible consequences (deleting data, sending communications, making purchases) warrant gates. Actions with reversible consequences (creating draft documents, generating analysis, searching for information) generally do not. Over-gating frustrates humans with constant approval requests for trivial actions. Under-gating exposes the organization to risk from unsupervised high-impact actions.

Conditional gates add intelligence to the approval process. Instead of always gating a specific action, the gate activates only when certain conditions are met. An email-sending gate might activate only for external recipients, letting internal messages pass without approval. A database modification gate might activate only for production databases, letting development and staging modifications proceed automatically. A spending gate might activate only when the amount exceeds a threshold. These conditional gates reduce the human approval burden while maintaining oversight where it matters most.

Batch approval lets humans approve multiple actions at once rather than one at a time. If the agent needs to send ten similar emails, the human can review the batch and approve all ten with a single action rather than clicking approve ten separate times. Batch approval is more efficient for the human and faster for the agent, but it requires the agent to present the batch in a way that makes differences between items visible.

Review Checkpoints

Review checkpoints differ from approval gates in timing and blocking behavior. While gates block execution until approved, checkpoints present progress summaries at defined intervals without blocking. The agent continues working while the human reviews the checkpoint. If the human finds an issue, they can intervene and redirect the agent. If the review is satisfactory, no action is needed.

Checkpoint frequency balances oversight with efficiency. Too frequent (every step) and the human is overwhelmed with updates. Too infrequent (only at the end) and course corrections come too late to prevent wasted work. A common pattern is phase-based checkpoints: the agent reports when it completes research and before starting analysis, when it completes analysis and before starting writing, and when it completes writing and before publishing. Each checkpoint is a natural decision point where the human can confirm the direction or redirect.

Checkpoint content should be concise and actionable. A good checkpoint summary includes what was accomplished since the last checkpoint, key findings or decisions, what the agent plans to do next, and any concerns or uncertainties. The human should be able to review a checkpoint in under a minute for routine tasks. If checkpoints require extended review, they are too detailed or too infrequent.

Configurable Autonomy Levels

Production agent systems typically offer multiple autonomy levels that can be adjusted per user, per task type, or per risk category. A common three-level scheme includes supervised mode (gates on all actions, the human approves everything), assisted mode (gates on high-risk actions only, the agent handles routine operations independently), and autonomous mode (no gates, the agent runs independently with monitoring only).

Autonomy escalation lets the agent request more autonomy when conditions warrant it. If an agent in supervised mode has executed 50 successful actions without a single human modification, it might request a switch to assisted mode. If granted, the agent handles routine actions independently while still pausing for high-risk operations. This dynamic adjustment reduces human overhead as trust is established.

Per-tool autonomy settings provide granular control. The agent might run autonomously for search and analysis tools, require approval for communication tools, and be completely blocked from administrative tools. These per-tool settings are configured by administrators and enforced by the runtime, ensuring that the agent cannot bypass restrictions even if the model attempts to.

Collaborative Workflows

Collaborative workflows go beyond approval and review to create genuine partnerships between humans and agents. In a collaborative writing workflow, the agent generates a first draft, the human edits it, and the agent incorporates the edits to produce a refined version. Each iteration improves the result by combining the agent speed and breadth with the human judgment and expertise.

Collaborative research has the agent gather and organize information while the human guides the research direction. The agent might present summaries of five research papers and ask the human which themes to explore further. The human selects the most promising direction, and the agent dives deeper. This back-and-forth converges on high-quality results faster than either the agent or the human could achieve alone.

The key to effective collaboration is clear role definition. The agent should know what it is responsible for (gathering data, generating drafts, performing analysis) and what the human is responsible for (strategic direction, quality judgment, final approval). Ambiguous role boundaries lead to the agent either overstepping (making decisions the human should make) or understepping (asking for guidance on things it should handle independently).

Designing Escalation Policies

Escalation policies define when and how the agent transfers control to a human. Explicit escalation criteria include confidence thresholds (escalate when the agent confidence in its decision drops below a defined level), error accumulation (escalate after a defined number of errors in a single task), impact thresholds (escalate when the action would affect more than a defined number of records, dollars, or users), and novelty detection (escalate when the current situation does not match any pattern the agent has seen before).

The escalation handoff should provide the human with everything they need to make a decision without reading through the entire agent conversation. A structured escalation report includes the original task, what the agent has accomplished so far, where the agent got stuck or uncertain, the specific decision the human needs to make, and the agent recommended options with its assessment of each. This structured format enables fast human decision-making, which is critical because slow escalation response times directly impact agent throughput.