Overview
When Cofounder needs to perform actions on your behalf—whether it’s creating GitHub issues, sending emails, or updating project management tools—it uses a structured approval system to ensure you maintain control over all automated actions.How Tool Approvals Work
The Approval Process
When Cofounder identifies that it needs to use a tool or perform an action:- Action Analysis: Cofounder analyzes what tool it needs and why
- Approval Request: A clear message is posted explaining:
- What tool will be used
- What action will be performed
- Why this action is necessary
- What the expected outcome is
- User Decision: You can approve or reject the action
- Execution: Once approved, Cofounder proceeds with the action
- Result Reporting: Cofounder provides feedback on the action’s outcome
Approval Methods
In Slack:- React with 👍 (thumbs up) to approve
- React with 👎 (thumbs down) to reject
- Click the “Approve” or “Reject” buttons
- Review detailed action information before deciding
Approval Modes
Always Ask Mode (Default)
- When to use: When you want manual control over all actions
- Best for: New users, sensitive operations, learning how Cofounder works
- Behavior: Every tool usage requires explicit approval
Always Ask mode is recommended when first setting up Cofounder to understand what actions it performs.
YOLO Mode (Auto-Approve)
- When to use: For trusted, routine operations
- Best for: Well-tested flows, non-sensitive actions
- Behavior: Actions are automatically approved and executed
Hybrid Approach
You can configure different modes for different contexts:- Use Always Ask for new or complex flows
- Use YOLO mode for proven, routine automations
- Switch modes based on the sensitivity of the operation
Permission and Security Model
Permission Inheritance
Cofounder operates using your permissions and credentials:- All actions are performed as if you were doing them yourself
- Cofounder can only access tools and data you have access to
- Your personal API keys and OAuth tokens are used for integrations
Security Considerations
What Cofounder Can Do:- Access any integration you’ve connected
- Perform any action your accounts allow
- Read data from connected services
- Access accounts you haven’t connected
- Perform actions beyond your permission level
- Share your credentials with other users
Best Practices
Review Before Approval
Always read approval requests carefully:- Understand what action will be performed
- Consider the potential impact
- Verify the action aligns with your intent
Start Conservative
- Begin with Always Ask mode for new integrations
- Test flows thoroughly before enabling auto-approve
- Monitor automated actions regularly
Regular Auditing
- Review your flow execution logs periodically
- Check for any unexpected behaviors
- Update or disable flows that aren’t working as expected
Common Approval Scenarios
Data Creation
- Creating new issues, tasks, or projects
- Adding entries to databases or spreadsheets
- Generating and saving documents
Communication
- Sending emails or messages
- Posting to social media
- Creating calendar events
Data Modification
- Updating existing records
- Changing project statuses
- Modifying configurations
Integration Management
- Syncing data between platforms
- Triggering workflows in other tools
- Managing API connections
Troubleshooting Approvals
Action Not Executing After Approval
- Check if your integration credentials are still valid
- Verify you have the necessary permissions for the action
- Look for any error messages in the execution logs
Unexpected Approval Requests
- Review the context that triggered the action
- Check if the flow logic needs adjustment
- Consider if the action is actually necessary
Permission Errors
- Ensure your connected accounts have the required permissions
- Re-authenticate integrations if tokens have expired
- Contact support if permission issues persist