Lesson 4.5: When to Keep a Human in the Loop

🎯 What You'll Learn: Which automations are safe to run unattended, and which must never act without a person checking first
⏱️ Time Required: 35 minutes

---

The Question Nobody Asks Until Something Goes Wrong

Riley's margin report runs every Monday at 7:30am. No one touches it. The numbers come out, the Slack message fires, Marcus Webb reads it. Nobody gets hurt.

Then she configured her client briefing automation to send emails automatically. It sent one to the wrong counterparty with the wrong numbers attached.

"The automation worked exactly as designed. That was the problem. I designed it to send, and it sent. I hadn't thought about what happens when the output is wrong. The skill was fast and confident. I needed to be the one who was careful."
— Riley Harper

This lesson is about that judgment. Not token caching, not approval-step architecture. Just a simple rule you can apply to any automation before you let it run unattended.

---

The Reversibility-Plus-Stakes Rule

Two questions determine whether an automation needs a human checkpoint:

1. Is this reversible?

2. What are the stakes if it's wrong?

The rule:

Reversible + low stakes → safe to run unattended

Not reversible OR high stakes → keep a human in the loop

If you're unsure: add a human checkpoint. The cost of an unnecessary review is low. The cost of an unreviewable mistake is high.

---

The "Draft, Don't Send" Pattern

The most useful application of this rule is the draft-first approach.

Instead of: "Write and send the weekly client update email."

Use: "Write a draft of the weekly client update email and save it to /drafts. I'll review and send it."

The automation does 90% of the work. You do the last 10%, the part that requires your judgment.

Riley's application:

"My margin report automation writes the report and sends a Slack notification to me. I review the numbers, then I forward the report to the portfolio managers. The automation doesn't touch the PMs directly. That step stays with me."

The pattern applied across common automations:

---

What's Safe to Run Unattended

Not everything needs a human. These categories are generally safe to run fully automated:

Internal reports and dashboards

The wrong person won't see them

Easy to regenerate if something's off

No external consequences

Data transformation and formatting

Moving data from one format to another

Calculating metrics

Generating charts or summaries for internal use

Drafts and staging content

Files created but not published

Emails written but not sent

Forms filled but not submitted

Audit and monitoring

Log files

Validation checks

Alerts about things to review (not actions taken)

Riley's test:

"I ask myself: if this automation runs tonight while I'm asleep and produces something wrong, what's the worst that happens? If the answer is 'I'll fix it tomorrow morning,' it's probably fine to run unattended. If the answer involves a client, a regulator, or an irreversible action, it needs a review step."

---

What Must Never Run Without Human Review

These categories require a checkpoint before the automation takes the final action:

External communications

Emails to clients, partners, or regulators

Anything with your name or company name attached

Responses to complaints or queries

Payments and financial instructions

Any instruction that moves money

Approvals that trigger downstream financial actions

Anything that touches a live trading or settlement system

Public content

Social media posts

Published documents

Press releases or announcements

Irreversible data changes

Deletions

Database updates that can't be rolled back

Record modifications in systems of record

Compliance-sensitive actions

Anything that creates an audit record

Actions that trigger regulatory reporting

Decisions that need to be documented as human-made

---

Exercise: Audit Your Automations (35 min)

Step 1: Take Inventory (10 min)

List every automation you've built in this course:

Automation 1: ________________________________
Automation 2: ________________________________
Automation 3: ________________________________
[Add more as needed]

Step 2: Apply the Rule (15 min)

For each automation, answer:

Any automation marked "Not reversible" OR "High stakes" should have a human review step before its final action.

Step 3: Add Checkpoints Where Needed (10 min)

For any automation that needs a review step, update it now:

Change the final action from "send/submit/publish/delete" to "save draft/flag for review/create file"

Add a step in your workflow: "I review the output before it goes further"

Update your SKILL.md or agent file to reflect this

Riley's updated margin report skill:

## Final Step
Save the formatted report to /reports/weekly-margin-[date].md

Do NOT send this to portfolio managers directly.
Post a Slack notification to Riley: "Margin report ready for review."
Riley will review and forward.

✅ Success Criteria:

---

What Riley Took Away

"The margin report runs itself because it's internal, it's a draft until I send it, and I can fix any number before it matters. David's client email ran itself because he didn't ask that question. Same technology. Different judgment about where the human belongs. That's the whole lesson."

---

The Simple Test

Before you let any automation run unattended, ask:

"If this produces something wrong and runs without me seeing it, what's the worst that happens?"

If the answer is anything involving clients, external systems, irreversible changes, public content, or financial consequences: add a review step.

The automation still does the work. You just stay in the loop at the moment that matters.

---

You've Completed the Course

You've packaged your automation, documented it, reviewed it for security, and now you know which parts need your judgment and which don't.

That's a production-ready automation: fast where speed is safe, careful where mistakes matter.

---

What You've Built

Since Lesson 0.1 you've gone from "I watch AI change everything" to:

A real automation saving you hours every week

A skill you can reuse and share

An agent you can hand work off to

An automation toolkit you can document and deploy

The judgment to know when to stay in the loop

That's not dabbling. That's building.

---

What students have shipped after this course

After finishing this course, students have shipped: educational apps, AI video pipelines generating educational content with ElevenLabs and HeyGen, automated client briefing systems, a Chief of Staff agent, a wiki built on Karpathy's pattern, Jira productivity tools, efficiency automations, and production AI deployed in financial environments. The ceiling isn't the tools, it's the problem you choose to solve.

---

Here's what that looks like in practice:

AI video pipelines generating educational content with ElevenLabs and HeyGen, narrated lessons produced from text, no studio required

Multi-agent market intelligence tracking second and third-order economic consequences through knowledge graphs of real companies, industries, and supply chains (SurrealFA)

Automated client briefing systems, a personal Chief of Staff agent that drafts communications, surfaces priorities, and handles recurring prep work (Chief_of_Staff)

A personal wiki built on Karpathy's LLM pattern, AI-maintained structured knowledge with slash commands to ingest, lint, and surface daily digests (WIKI)

Educational apps for children and secondary students, interactive geography for UK Year 7 (geo-explorer-web) and GCSE Spanish vocabulary as MCP tools (secondary-spanish-mcp)

Production AI in highly regulated financial environments, deployed into live operations workflows where accuracy, audit trails, and human oversight are non-negotiable

None of these started with a software engineering background.

If you want a private walkthrough, book 30 minutes with me →