How governance and evidence gating work in LumenReach
Understand the governance model: every risky action is deny-by-default, routed through second-human approval, and executed on a durable internal queue with audit — but nothing is ever delivered to an external network.
Purpose
Understand the LumenReach governance model so you know how risky actions are gated by evidence, second-human approval, and the durable internal queue, and why nothing is ever delivered to an external network.
Who this is for
Owners, admins, and developers who need to understand how LumenReach gates risky actions with evidence and approval.
Prerequisites
- A workspace with at least one project and a second human available for approvals.
- An understanding that every schedule request records a Pending approval entry.
- An awareness that external publishing does not exist in this release.
Steps
- Open the Approval Queue to see queued agent actions waiting for a human decision.
- Review each action's risk label, policy summary, and decision reason.
- Approve or deny the action; the decision is recorded in the audit trail.
- Watch an approved action move through the durable internal queue: Queued internally, then Completed internally · not delivered, or Failed if retries run out.
- Open Policy Studio to review or create rules that gate specific actions.
- Check the autonomy control plane to understand how disposition lines narrow (never widen) existing policy.
Expected result
You understand that every risky action is deny-by-default, routed through second-human approval, executed on the durable internal queue, and audited — and that nothing is delivered to any external network.
Verification
- A schedule request shows Pending approval until a second human decides it.
- An approved run shows Completed internally · not delivered.
- The audit trail records who requested, who approved, and how the run finished.
- A policy rule or autonomy line can only narrow existing policy, never widen it.
If something goes wrong
- An action stays in the Approval Queue
- A second human must decide it; confirm the approver has the required role and is available.
- An approved run shows Failed
- The internal worker retries automatically; read the customer-safe error on the entry and fix the cause, then request a new schedule.
- You expected the action to reach an external network
- External publishing does not exist in this release — an approved run finishes as Completed internally · not delivered, and nothing is sent to any external network.
Permissions
Reviewing the Approval Queue is available to approvers and admins; creating and enabling policy rules and autonomy lines needs an owner or admin role.
Related articles
Support
If a governance behavior is unclear, ask your workspace admin first. LumenReach support can explain governance without exposing platform infrastructure or private policy details.