Skip to content

9. Human Consent Gate for Learning Loop

Date: 2026-06-23

Status

Accepted

Context

The closed learning loop automatically analyzes session transcripts and generates improvement suggestions for plugin configuration (agent behavior, skill guidelines, CLAUDE.md overrides). Without a human gate, these suggestions could auto-apply changes that the user has not reviewed, potentially introducing unwanted behavior or overwriting deliberate project conventions.

The system must balance automation convenience (fewer manual steps) against the risk of unauthorized configuration changes. Users need confidence that the learning loop is an observer and suggester, not an autonomous actor.

Decision

All findings generated by background session analysis are queued in metrics/pending-review.jsonl and are never applied without explicit human approval. Each finding remains in the queue with no reviewed_at field until the user explicitly processes it via /session-review and approves or rejects it via /feedback-learning.

Approval writes reviewed_at and approved_by to the entry and applies the change via the existing /feedback-learning audit trail. Rejection writes rejected_at and rejected_by and discards the finding without modifying any configuration.

Consequences

  • Users always control which learning-loop suggestions become active configuration.
  • The queue is append-only: partial reviews are safe — unreviewed entries persist across sessions until the user processes them.
  • /session-review surfaces the queue count at session start (via session-model-banner.sh) so unreviewed findings are visible.
  • The human gate is the reason the learning loop can run in the background without user supervision: its output has no side effects until approved.