request-approvalUse Preloop's request_approval tool to get human approval before risky operations like deletions, production changes, or external modifications
Install via ClawdBot CLI:
clawdbot install yconst/request-approvalUse Preloop's request_approval MCP tool to get human approval before executing risky operations. Preloop will notify the user (via Slack, email, mobile apps, etc.) and wait for their response.
Preloop must be configured as an MCP server. See references/SETUP.md for configuration details.
Call the request_approval tool BEFORE executing the risky operation.
Required:
operation (string): Clear, specific description of what you'll docontext (string): Additional details about what will be affectedreasoning (string): Why this operation is necessaryOptional:
caller (string): Auto-populated by Preloopapproval_policy (string): Specific approval policy name (uses account default if omitted)The tool returns a string:
Task: User asks to delete old cache files
Your workflow:
request_approval:See references/EXAMPLES.md for more examples.
When unsure:
Golden Rule: When in doubt, request approval. Better to ask unnecessarily than to cause harm.
DO:
DON'T:
Remember: Safety first! Trust is earned by being cautious and respectful of the user's systems and data.
Generated Mar 1, 2026
An AI agent managing cloud resources needs to delete unused virtual machines and storage buckets to reduce costs. It uses request_approval to get human confirmation before deletion, ensuring no critical production data is lost. This is common in DevOps or IT operations teams handling AWS, Azure, or GCP environments.
An AI assistant in a fintech app processes refunds or charges for customers. Before executing any financial operation, it requests approval to prevent unauthorized transactions and comply with regulatory standards. This helps maintain trust and accuracy in banking or e-commerce platforms.
During software development, an AI tool plans to alter database schemas or run bulk updates in production. It uses request_approval to ensure a human reviews the changes, minimizing risks of downtime or data corruption. This scenario is typical for engineering teams in SaaS companies.
An AI agent automates posting data to external APIs or merging pull requests in a code repository. Before making these external modifications, it requests approval to avoid unintended impacts on third-party systems or codebases. This is useful for marketing or development teams managing integrations.
An AI system handling IT security needs to modify user permissions or rotate API keys in a production environment. It uses request_approval to get oversight from security administrators, ensuring compliance and preventing unauthorized access. This applies to cybersecurity or enterprise IT sectors.
Offer the request-approval skill as part of a premium AI agent platform with tiered subscriptions. Revenue comes from monthly fees based on usage volume or number of approvals processed, targeting businesses needing safety controls.
Sell the skill as a licensed add-on for large organizations, with custom integration and support services. Revenue is generated through one-time license fees and ongoing maintenance contracts, focusing on industries with high compliance needs.
Provide a basic version of the skill for free to attract users, then charge for advanced features like custom approval policies or analytics. Revenue comes from upgrades and in-app purchases, appealing to startups and small teams.
š¬ Integration Tip
Ensure the Preloop MCP server is properly configured and accessible before use; test the request_approval tool with non-risky operations first to verify connectivity and response handling.
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
Perform a comprehensive read-only security audit of Clawdbot's own configuration. This is a knowledge-based skill that teaches Clawdbot to identify hardening opportunities across the system. Use when user asks to "run security check", "audit clawdbot", "check security hardening", or "what vulnerabilities does my Clawdbot have". This skill uses Clawdbot's internal capabilities and file system access to inspect configuration, detect misconfigurations, and recommend remediations. It is designed to be extensible - new checks can be added by updating this skill's knowledge.
Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.
Security check for ClawHub skills powered by Koi. Query the Clawdex API before installing any skill to verify it's safe.
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.