feat(backend): Implement node-specific auto-approval using key pattern

- Add auto-approval via special nodeExecId key pattern (auto_approve_{graph_exec_id}_{node_id})
- Create auto-approval records in PendingHumanReview when user approves with auto-approve flag
- Check for existing auto-approval before requiring human review
- Remove node_id parameter from get_or_create_human_review
- Load graph settings properly when resuming execution after review

autogpt_platform/backend/backend/api/features/executions/review/model.py

@@ -179,6 +179,14 @@ class ReviewRequest(BaseModel):
     reviews: List[ReviewItem] = Field(
         description="All reviews with their approval status, data, and messages"
     )
+    auto_approve_future_actions: bool = Field(
+        default=False,
+        description=(
+            "If true, future reviews from the same blocks (nodes) being approved "
+            "will be automatically approved for the remainder of this execution. "
+            "This only affects the current execution run."
+        ),
+    )
 
     @model_validator(mode="after")
     def validate_review_completeness(self):

autogpt_platform/backend/backend/api/features/executions/review/review_routes_test.py

@@ -490,3 +490,321 @@ def test_process_review_action_invalid_node_exec_id(
     # Should be a 400 Bad Request, not 500 Internal Server Error
     assert response.status_code == 400
     assert "Invalid node execution ID format" in response.json()["detail"]
+
+
+def test_process_review_action_auto_approve_creates_auto_approval_records(
+    mocker: pytest_mock.MockerFixture,
+    sample_pending_review: PendingHumanReviewModel,
+    test_user_id: str,
+) -> None:
+    """Test that auto_approve_future_actions flag creates auto-approval records"""
+    from backend.data.execution import ExecutionContext, NodeExecutionResult
+    from backend.data.graph import GraphSettings
+
+    # Mock process_all_reviews
+    mock_process_all_reviews = mocker.patch(
+        "backend.api.features.executions.review.routes.process_all_reviews_for_execution"
+    )
+    approved_review = PendingHumanReviewModel(
+        node_exec_id="test_node_123",
+        user_id=test_user_id,
+        graph_exec_id="test_graph_exec_456",
+        graph_id="test_graph_789",
+        graph_version=1,
+        payload={"data": "test payload"},
+        instructions="Please review",
+        editable=True,
+        status=ReviewStatus.APPROVED,
+        review_message="Approved",
+        was_edited=False,
+        processed=False,
+        created_at=FIXED_NOW,
+        updated_at=FIXED_NOW,
+        reviewed_at=FIXED_NOW,
+    )
+    mock_process_all_reviews.return_value = {"test_node_123": approved_review}
+
+    # Mock get_node_execution to return node_id
+    mock_get_node_execution = mocker.patch(
+        "backend.api.features.executions.review.routes.get_node_execution"
+    )
+    mock_node_exec = mocker.Mock(spec=NodeExecutionResult)
+    mock_node_exec.node_id = "test_node_def_456"
+    mock_get_node_execution.return_value = mock_node_exec
+
+    # Mock create_auto_approval_record
+    mock_create_auto_approval = mocker.patch(
+        "backend.api.features.executions.review.routes.create_auto_approval_record"
+    )
+
+    # Mock has_pending_reviews_for_graph_exec
+    mock_has_pending = mocker.patch(
+        "backend.api.features.executions.review.routes.has_pending_reviews_for_graph_exec"
+    )
+    mock_has_pending.return_value = False
+
+    # Mock get_graph_settings to return custom settings
+    mock_get_settings = mocker.patch(
+        "backend.api.features.executions.review.routes.get_graph_settings"
+    )
+    mock_get_settings.return_value = GraphSettings(
+        human_in_the_loop_safe_mode=True,
+        sensitive_action_safe_mode=True,
+    )
+
+    # Mock add_graph_execution
+    mock_add_execution = mocker.patch(
+        "backend.api.features.executions.review.routes.add_graph_execution"
+    )
+
+    request_data = {
+        "reviews": [
+            {
+                "node_exec_id": "test_node_123",
+                "approved": True,
+                "message": "Approved",
+            }
+        ],
+        "auto_approve_future_actions": True,
+    }
+
+    response = client.post("/api/review/action", json=request_data)
+
+    assert response.status_code == 200
+
+    # Verify process_all_reviews_for_execution was called (without auto_approve param)
+    mock_process_all_reviews.assert_called_once()
+
+    # Verify create_auto_approval_record was called for the approved review
+    mock_create_auto_approval.assert_called_once_with(
+        user_id=test_user_id,
+        graph_exec_id="test_graph_exec_456",
+        graph_id="test_graph_789",
+        graph_version=1,
+        node_id="test_node_def_456",
+        payload={"data": "test payload"},
+    )
+
+    # Verify get_graph_settings was called with correct parameters
+    mock_get_settings.assert_called_once_with(
+        user_id=test_user_id, graph_id="test_graph_789"
+    )
+
+    # Verify add_graph_execution was called with proper ExecutionContext
+    mock_add_execution.assert_called_once()
+    call_kwargs = mock_add_execution.call_args.kwargs
+    execution_context = call_kwargs["execution_context"]
+
+    assert isinstance(execution_context, ExecutionContext)
+    assert execution_context.human_in_the_loop_safe_mode is True
+    assert execution_context.sensitive_action_safe_mode is True
+
+
+def test_process_review_action_without_auto_approve_still_loads_settings(
+    mocker: pytest_mock.MockerFixture,
+    sample_pending_review: PendingHumanReviewModel,
+    test_user_id: str,
+) -> None:
+    """Test that execution context is created with settings even without auto-approve"""
+    from backend.data.execution import ExecutionContext
+    from backend.data.graph import GraphSettings
+
+    # Mock process_all_reviews
+    mock_process_all_reviews = mocker.patch(
+        "backend.api.features.executions.review.routes.process_all_reviews_for_execution"
+    )
+    approved_review = PendingHumanReviewModel(
+        node_exec_id="test_node_123",
+        user_id=test_user_id,
+        graph_exec_id="test_graph_exec_456",
+        graph_id="test_graph_789",
+        graph_version=1,
+        payload={"data": "test payload"},
+        instructions="Please review",
+        editable=True,
+        status=ReviewStatus.APPROVED,
+        review_message="Approved",
+        was_edited=False,
+        processed=False,
+        created_at=FIXED_NOW,
+        updated_at=FIXED_NOW,
+        reviewed_at=FIXED_NOW,
+    )
+    mock_process_all_reviews.return_value = {"test_node_123": approved_review}
+
+    # Mock create_auto_approval_record - should NOT be called when auto_approve is False
+    mock_create_auto_approval = mocker.patch(
+        "backend.api.features.executions.review.routes.create_auto_approval_record"
+    )
+
+    # Mock has_pending_reviews_for_graph_exec
+    mock_has_pending = mocker.patch(
+        "backend.api.features.executions.review.routes.has_pending_reviews_for_graph_exec"
+    )
+    mock_has_pending.return_value = False
+
+    # Mock get_graph_settings with sensitive_action_safe_mode enabled
+    mock_get_settings = mocker.patch(
+        "backend.api.features.executions.review.routes.get_graph_settings"
+    )
+    mock_get_settings.return_value = GraphSettings(
+        human_in_the_loop_safe_mode=False,
+        sensitive_action_safe_mode=True,
+    )
+
+    # Mock add_graph_execution
+    mock_add_execution = mocker.patch(
+        "backend.api.features.executions.review.routes.add_graph_execution"
+    )
+
+    # Request WITHOUT auto_approve_future_actions
+    request_data = {
+        "reviews": [
+            {
+                "node_exec_id": "test_node_123",
+                "approved": True,
+                "message": "Approved",
+            }
+        ],
+        "auto_approve_future_actions": False,
+    }
+
+    response = client.post("/api/review/action", json=request_data)
+
+    assert response.status_code == 200
+
+    # Verify process_all_reviews_for_execution was called
+    mock_process_all_reviews.assert_called_once()
+
+    # Verify create_auto_approval_record was NOT called (auto_approve_future_actions=False)
+    mock_create_auto_approval.assert_not_called()
+
+    # Verify settings were loaded
+    mock_get_settings.assert_called_once()
+
+    # Verify ExecutionContext has proper settings
+    mock_add_execution.assert_called_once()
+    call_kwargs = mock_add_execution.call_args.kwargs
+    execution_context = call_kwargs["execution_context"]
+
+    assert isinstance(execution_context, ExecutionContext)
+    assert execution_context.human_in_the_loop_safe_mode is False
+    assert execution_context.sensitive_action_safe_mode is True
+
+
+def test_process_review_action_auto_approve_only_applies_to_approved_reviews(
+    mocker: pytest_mock.MockerFixture,
+    test_user_id: str,
+) -> None:
+    """Test that auto_approve record is created only for approved reviews"""
+    from backend.data.execution import ExecutionContext, NodeExecutionResult
+    from backend.data.graph import GraphSettings
+
+    # Create two reviews - one approved, one rejected
+    approved_review = PendingHumanReviewModel(
+        node_exec_id="node_exec_approved",
+        user_id=test_user_id,
+        graph_exec_id="test_graph_exec_456",
+        graph_id="test_graph_789",
+        graph_version=1,
+        payload={"data": "approved"},
+        instructions="Review",
+        editable=True,
+        status=ReviewStatus.APPROVED,
+        review_message=None,
+        was_edited=False,
+        processed=False,
+        created_at=FIXED_NOW,
+        updated_at=FIXED_NOW,
+        reviewed_at=FIXED_NOW,
+    )
+    rejected_review = PendingHumanReviewModel(
+        node_exec_id="node_exec_rejected",
+        user_id=test_user_id,
+        graph_exec_id="test_graph_exec_456",
+        graph_id="test_graph_789",
+        graph_version=1,
+        payload={"data": "rejected"},
+        instructions="Review",
+        editable=True,
+        status=ReviewStatus.REJECTED,
+        review_message="Rejected",
+        was_edited=False,
+        processed=False,
+        created_at=FIXED_NOW,
+        updated_at=FIXED_NOW,
+        reviewed_at=FIXED_NOW,
+    )
+
+    # Mock process_all_reviews
+    mock_process_all_reviews = mocker.patch(
+        "backend.api.features.executions.review.routes.process_all_reviews_for_execution"
+    )
+    mock_process_all_reviews.return_value = {
+        "node_exec_approved": approved_review,
+        "node_exec_rejected": rejected_review,
+    }
+
+    # Mock get_node_execution to return node_id (only called for approved review)
+    mock_get_node_execution = mocker.patch(
+        "backend.api.features.executions.review.routes.get_node_execution"
+    )
+    mock_node_exec = mocker.Mock(spec=NodeExecutionResult)
+    mock_node_exec.node_id = "test_node_def_approved"
+    mock_get_node_execution.return_value = mock_node_exec
+
+    # Mock create_auto_approval_record
+    mock_create_auto_approval = mocker.patch(
+        "backend.api.features.executions.review.routes.create_auto_approval_record"
+    )
+
+    # Mock has_pending_reviews_for_graph_exec
+    mock_has_pending = mocker.patch(
+        "backend.api.features.executions.review.routes.has_pending_reviews_for_graph_exec"
+    )
+    mock_has_pending.return_value = False
+
+    # Mock get_graph_settings
+    mock_get_settings = mocker.patch(
+        "backend.api.features.executions.review.routes.get_graph_settings"
+    )
+    mock_get_settings.return_value = GraphSettings()
+
+    # Mock add_graph_execution
+    mock_add_execution = mocker.patch(
+        "backend.api.features.executions.review.routes.add_graph_execution"
+    )
+
+    request_data = {
+        "reviews": [
+            {"node_exec_id": "node_exec_approved", "approved": True},
+            {"node_exec_id": "node_exec_rejected", "approved": False},
+        ],
+        "auto_approve_future_actions": True,
+    }
+
+    response = client.post("/api/review/action", json=request_data)
+
+    assert response.status_code == 200
+
+    # Verify process_all_reviews_for_execution was called
+    mock_process_all_reviews.assert_called_once()
+
+    # Verify create_auto_approval_record was called ONLY for the approved review
+    # (not for the rejected one)
+    mock_create_auto_approval.assert_called_once_with(
+        user_id=test_user_id,
+        graph_exec_id="test_graph_exec_456",
+        graph_id="test_graph_789",
+        graph_version=1,
+        node_id="test_node_def_approved",
+        payload={"data": "approved"},
+    )
+
+    # Verify get_node_execution was called only for approved review
+    mock_get_node_execution.assert_called_once_with("node_exec_approved")
+
+    # Verify ExecutionContext was created (auto-approval is now DB-based)
+    call_kwargs = mock_add_execution.call_args.kwargs
+    execution_context = call_kwargs["execution_context"]
+    assert isinstance(execution_context, ExecutionContext)

autogpt_platform/backend/backend/api/features/executions/review/routes.py

@@ -5,8 +5,14 @@ import autogpt_libs.auth as autogpt_auth_lib
 from fastapi import APIRouter, HTTPException, Query, Security, status
 from prisma.enums import ReviewStatus
 
-from backend.data.execution import get_graph_execution_meta
+from backend.data.execution import (
+    ExecutionContext,
+    get_graph_execution_meta,
+    get_node_execution,
+)
+from backend.data.graph import get_graph_settings
 from backend.data.human_review import (
+    create_auto_approval_record,
     get_pending_reviews_for_execution,
     get_pending_reviews_for_user,
     has_pending_reviews_for_graph_exec,
@@ -128,14 +134,20 @@ async def process_review_action(
         )
 
     # Build review decisions map
+    # When auto_approve_future_actions is true, ignore any edited data
+    # (auto-approved reviews should use original data for consistency)
     review_decisions = {}
     for review in request.reviews:
         review_status = (
             ReviewStatus.APPROVED if review.approved else ReviewStatus.REJECTED
         )
+        # If auto-approving future actions, don't allow data modifications
+        reviewed_data = (
+            None if request.auto_approve_future_actions else review.reviewed_data
+        )
         review_decisions[review.node_exec_id] = (
             review_status,
-            review.reviewed_data,
+            reviewed_data,
             review.message,
         )
 
@@ -145,6 +157,22 @@ async def process_review_action(
         review_decisions=review_decisions,
     )
 
+    # Create auto-approval records for approved reviews if requested
+    if request.auto_approve_future_actions:
+        for node_exec_id, review in updated_reviews.items():
+            if review.status == ReviewStatus.APPROVED:
+                # Look up the node_id from the node execution
+                node_exec = await get_node_execution(node_exec_id)
+                if node_exec:
+                    await create_auto_approval_record(
+                        user_id=user_id,
+                        graph_exec_id=review.graph_exec_id,
+                        graph_id=review.graph_id,
+                        graph_version=review.graph_version,
+                        node_id=node_exec.node_id,
+                        payload=review.payload,
+                    )
+
     # Count results
     approved_count = sum(
         1
@@ -169,10 +197,24 @@ async def process_review_action(
         if not still_has_pending:
             # Resume execution
             try:
+                # Load graph settings to create proper execution context
+                settings = await get_graph_settings(
+                    user_id=user_id, graph_id=first_review.graph_id
+                )
+
+                # Create execution context with settings
+                # Note: auto-approval is now handled via database lookup in
+                # check_auto_approval(), no need to pass auto_approved_node_ids
+                execution_context = ExecutionContext(
+                    human_in_the_loop_safe_mode=settings.human_in_the_loop_safe_mode,
+                    sensitive_action_safe_mode=settings.sensitive_action_safe_mode,
+                )
+
                 await add_graph_execution(
                     graph_id=first_review.graph_id,
                     user_id=user_id,
                     graph_exec_id=graph_exec_id,
+                    execution_context=execution_context,
                 )
                 logger.info(f"Resumed execution {graph_exec_id}")
             except Exception as e:

autogpt_platform/backend/backend/api/features/store/embeddings.py

@@ -154,16 +154,16 @@ async def store_content_embedding(
 
         # Upsert the embedding
         # WHERE clause in DO UPDATE prevents PostgreSQL 15 bug with NULLS NOT DISTINCT
-        # Use {pgvector_schema}.vector for explicit pgvector type qualification
+        # Use unqualified ::vector - pgvector is in search_path on all environments
         await execute_raw_with_schema(
             """
             INSERT INTO {schema_prefix}"UnifiedContentEmbedding" (
                 "id", "contentType", "contentId", "userId", "embedding", "searchableText", "metadata", "createdAt", "updatedAt"
             )
-            VALUES (gen_random_uuid()::text, $1::{schema_prefix}"ContentType", $2, $3, $4::{pgvector_schema}.vector, $5, $6::jsonb, NOW(), NOW())
+            VALUES (gen_random_uuid()::text, $1::{schema_prefix}"ContentType", $2, $3, $4::vector, $5, $6::jsonb, NOW(), NOW())
             ON CONFLICT ("contentType", "contentId", "userId")
             DO UPDATE SET
-                "embedding" = $4::{pgvector_schema}.vector,
+                "embedding" = $4::vector,
                 "searchableText" = $5,
                 "metadata" = $6::jsonb,
                 "updatedAt" = NOW()
@@ -879,8 +879,7 @@ async def semantic_search(
         min_similarity_idx = len(params) + 1
         params.append(min_similarity)
 
-        # Use regular string (not f-string) for template to preserve {schema_prefix} and {schema} placeholders
-        # Use OPERATOR({pgvector_schema}.<=>) for explicit operator schema qualification
+        # Use unqualified ::vector and <=> operator - pgvector is in search_path on all environments
         sql = (
             """
             SELECT
@@ -888,9 +887,9 @@ async def semantic_search(
                 "contentType" as content_type,
                 "searchableText" as searchable_text,
                 metadata,
-                1 - (embedding OPERATOR({pgvector_schema}.<=>) '"""
+                1 - (embedding <=> '"""
             + embedding_str
-            + """'::{pgvector_schema}.vector) as similarity
+            + """'::vector) as similarity
             FROM {schema_prefix}"UnifiedContentEmbedding"
             WHERE "contentType" IN ("""
             + content_type_placeholders
@@ -898,9 +897,9 @@ async def semantic_search(
             """
             + user_filter
             + """
-            AND 1 - (embedding OPERATOR({pgvector_schema}.<=>) '"""
+            AND 1 - (embedding <=> '"""
             + embedding_str
-            + """'::{pgvector_schema}.vector) >= $"""
+            + """'::vector) >= $"""
             + str(min_similarity_idx)
             + """
             ORDER BY similarity DESC

autogpt_platform/backend/backend/api/features/store/hybrid_search.py

@@ -295,7 +295,7 @@ async def unified_hybrid_search(
                 FROM {{schema_prefix}}"UnifiedContentEmbedding" uce
                 WHERE uce."contentType" = ANY({content_types_param}::{{schema_prefix}}"ContentType"[])
                 {user_filter}
-                ORDER BY uce.embedding OPERATOR({{pgvector_schema}}.<=>)  {embedding_param}::{{pgvector_schema}}.vector
+                ORDER BY uce.embedding <=> {embedding_param}::vector
                 LIMIT 200
             )
         ),
@@ -307,7 +307,7 @@ async def unified_hybrid_search(
                 uce.metadata,
                 uce."updatedAt" as updated_at,
                 -- Semantic score: cosine similarity (1 - distance)
-                COALESCE(1 - (uce.embedding OPERATOR({{pgvector_schema}}.<=>)  {embedding_param}::{{pgvector_schema}}.vector), 0) as semantic_score,
+                COALESCE(1 - (uce.embedding <=> {embedding_param}::vector), 0) as semantic_score,
                 -- Lexical score: ts_rank_cd
                 COALESCE(ts_rank_cd(uce.search, plainto_tsquery('english', {query_param})), 0) as lexical_raw,
                 -- Category match from metadata
@@ -583,7 +583,7 @@ async def hybrid_search(
                 WHERE uce."contentType" = 'STORE_AGENT'::{{schema_prefix}}"ContentType"
                 AND uce."userId" IS NULL
                 AND {where_clause}
-                ORDER BY uce.embedding OPERATOR({{pgvector_schema}}.<=>)  {embedding_param}::{{pgvector_schema}}.vector
+                ORDER BY uce.embedding <=> {embedding_param}::vector
                 LIMIT 200
             ) uce
         ),
@@ -605,7 +605,7 @@ async def hybrid_search(
                 -- Searchable text for BM25 reranking
                 COALESCE(sa.agent_name, '') || ' ' || COALESCE(sa.sub_heading, '') || ' ' || COALESCE(sa.description, '') as searchable_text,
                 -- Semantic score
-                COALESCE(1 - (uce.embedding OPERATOR({{pgvector_schema}}.<=>)  {embedding_param}::{{pgvector_schema}}.vector), 0) as semantic_score,
+                COALESCE(1 - (uce.embedding <=> {embedding_param}::vector), 0) as semantic_score,
                 -- Lexical score (raw, will normalize)
                 COALESCE(ts_rank_cd(uce.search, plainto_tsquery('english', {query_param})), 0) as lexical_raw,
                 -- Category match

autogpt_platform/backend/backend/blocks/basic.py

@@ -116,6 +116,7 @@ class PrintToConsoleBlock(Block):
             input_schema=PrintToConsoleBlock.Input,
             output_schema=PrintToConsoleBlock.Output,
             test_input={"text": "Hello, World!"},
+            is_sensitive_action=True,
             test_output=[
                 ("output", "Hello, World!"),
                 ("status", "printed"),

autogpt_platform/backend/backend/blocks/helpers/review.py

@@ -10,7 +10,7 @@ from prisma.enums import ReviewStatus
 from pydantic import BaseModel
 
 from backend.data.execution import ExecutionContext, ExecutionStatus
-from backend.data.human_review import ReviewResult
+from backend.data.human_review import ReviewResult, check_auto_approval
 from backend.executor.manager import async_update_node_execution_status
 from backend.util.clients import get_database_manager_async_client
 
@@ -55,6 +55,7 @@ class HITLReviewHelper:
     async def _handle_review_request(
         input_data: Any,
         user_id: str,
+        node_id: str,
         node_exec_id: str,
         graph_exec_id: str,
         graph_id: str,
@@ -69,6 +70,7 @@ class HITLReviewHelper:
         Args:
             input_data: The input data to be reviewed
             user_id: ID of the user requesting the review
+            node_id: ID of the node in the graph definition
             node_exec_id: ID of the node execution
             graph_exec_id: ID of the graph execution
             graph_id: ID of the graph
@@ -83,15 +85,27 @@ class HITLReviewHelper:
         Raises:
             Exception: If review creation or status update fails
         """
-        # Skip review if safe mode is disabled - return auto-approved result
-        if not execution_context.human_in_the_loop_safe_mode:
+        # Note: Safe mode checks (human_in_the_loop_safe_mode, sensitive_action_safe_mode)
+        # are handled by the caller:
+        # - HITL blocks check human_in_the_loop_safe_mode in their run() method
+        # - Sensitive action blocks check sensitive_action_safe_mode in is_block_exec_need_review()
+        # This function only handles auto-approval for specific nodes.
+
+        # Check if this node has been auto-approved in a previous review
+        auto_approval = await check_auto_approval(
+            graph_exec_id=graph_exec_id,
+            node_id=node_id,
+        )
+        if auto_approval:
             logger.info(
-                f"Block {block_name} skipping review for node {node_exec_id} - safe mode disabled"
+                f"Block {block_name} skipping review for node {node_exec_id} - "
+                f"node {node_id} has auto-approval from previous review"
             )
+            # Return a new ReviewResult with the current node_exec_id but approved status
             return ReviewResult(
                 data=input_data,
                 status=ReviewStatus.APPROVED,
-                message="Auto-approved (safe mode disabled)",
+                message="Auto-approved (user approved all future actions for this block)",
                 processed=True,
                 node_exec_id=node_exec_id,
             )
@@ -129,6 +143,7 @@ class HITLReviewHelper:
     async def handle_review_decision(
         input_data: Any,
         user_id: str,
+        node_id: str,
         node_exec_id: str,
         graph_exec_id: str,
         graph_id: str,
@@ -143,6 +158,7 @@ class HITLReviewHelper:
         Args:
             input_data: The input data to be reviewed
             user_id: ID of the user requesting the review
+            node_id: ID of the node in the graph definition
             node_exec_id: ID of the node execution
             graph_exec_id: ID of the graph execution
             graph_id: ID of the graph
@@ -158,6 +174,7 @@ class HITLReviewHelper:
         review_result = await HITLReviewHelper._handle_review_request(
             input_data=input_data,
             user_id=user_id,
+            node_id=node_id,
             node_exec_id=node_exec_id,
             graph_exec_id=graph_exec_id,
             graph_id=graph_id,

autogpt_platform/backend/backend/blocks/human_in_the_loop.py

@@ -97,6 +97,7 @@ class HumanInTheLoopBlock(Block):
         input_data: Input,
         *,
         user_id: str,
+        node_id: str,
         node_exec_id: str,
         graph_exec_id: str,
         graph_id: str,
@@ -115,6 +116,7 @@ class HumanInTheLoopBlock(Block):
         decision = await self.handle_review_decision(
             input_data=input_data.data,
             user_id=user_id,
+            node_id=node_id,
             node_exec_id=node_exec_id,
             graph_exec_id=graph_exec_id,
             graph_id=graph_id,

autogpt_platform/backend/backend/data/block.py

@@ -441,6 +441,7 @@ class Block(ABC, Generic[BlockSchemaInputType, BlockSchemaOutputType]):
         static_output: bool = False,
         block_type: BlockType = BlockType.STANDARD,
         webhook_config: Optional[BlockWebhookConfig | BlockManualWebhookConfig] = None,
+        is_sensitive_action: bool = False,
     ):
         """
         Initialize the block with the given schema.
@@ -473,8 +474,8 @@ class Block(ABC, Generic[BlockSchemaInputType, BlockSchemaOutputType]):
         self.static_output = static_output
         self.block_type = block_type
         self.webhook_config = webhook_config
+        self.is_sensitive_action = is_sensitive_action
         self.execution_stats: NodeExecutionStats = NodeExecutionStats()
-        self.is_sensitive_action: bool = False
 
         if self.webhook_config:
             if isinstance(self.webhook_config, BlockWebhookConfig):
@@ -622,6 +623,7 @@ class Block(ABC, Generic[BlockSchemaInputType, BlockSchemaOutputType]):
         input_data: BlockInput,
         *,
         user_id: str,
+        node_id: str,
         node_exec_id: str,
         graph_exec_id: str,
         graph_id: str,
@@ -648,6 +650,7 @@ class Block(ABC, Generic[BlockSchemaInputType, BlockSchemaOutputType]):
         decision = await HITLReviewHelper.handle_review_decision(
             input_data=input_data,
             user_id=user_id,
+            node_id=node_id,
             node_exec_id=node_exec_id,
             graph_exec_id=graph_exec_id,
             graph_id=graph_id,

autogpt_platform/backend/backend/data/db.py

@@ -121,10 +121,14 @@ async def _raw_with_schema(
     Supports placeholders:
         - {schema_prefix}: Table/type prefix (e.g., "platform".)
         - {schema}: Raw schema name for application tables (e.g., platform)
-        - {pgvector_schema}: Schema where pgvector is installed (defaults to "public")
+
+    Note on pgvector types:
+        Use unqualified ::vector and <=> operator in queries. PostgreSQL resolves
+        these via search_path, which includes the schema where pgvector is installed
+        on all environments (local, CI, dev).
 
     Args:
-        query_template: SQL query with {schema_prefix}, {schema}, and/or {pgvector_schema} placeholders
+        query_template: SQL query with {schema_prefix} and/or {schema} placeholders
         *args: Query parameters
         execute: If False, executes SELECT query. If True, executes INSERT/UPDATE/DELETE.
         client: Optional Prisma client for transactions (only used when execute=True).
@@ -135,20 +139,16 @@ async def _raw_with_schema(
 
     Example with vector type:
         await execute_raw_with_schema(
-            'INSERT INTO {schema_prefix}"Embedding" (vec) VALUES ($1::{pgvector_schema}.vector)',
+            'INSERT INTO {schema_prefix}"Embedding" (vec) VALUES ($1::vector)',
             embedding_data
         )
     """
     schema = get_database_schema()
     schema_prefix = f'"{schema}".' if schema != "public" else ""
-    # pgvector extension is typically installed in "public" schema
-    # On Supabase it may be in "extensions" but "public" is the common default
-    pgvector_schema = "public"
 
     formatted_query = query_template.format(
         schema_prefix=schema_prefix,
         schema=schema,
-        pgvector_schema=pgvector_schema,
     )
 
     import prisma as prisma_module

autogpt_platform/backend/backend/data/event_bus.py

@@ -103,8 +103,18 @@ class RedisEventBus(BaseRedisEventBus[M], ABC):
         return redis.get_redis()
 
     def publish_event(self, event: M, channel_key: str):
-        message, full_channel_name = self._serialize_message(event, channel_key)
-        self.connection.publish(full_channel_name, message)
+        """
+        Publish an event to Redis. Gracefully handles connection failures
+        by logging the error instead of raising exceptions.
+        """
+        try:
+            message, full_channel_name = self._serialize_message(event, channel_key)
+            self.connection.publish(full_channel_name, message)
+        except Exception:
+            logger.exception(
+                f"Failed to publish event to Redis channel {channel_key}. "
+                "Event bus operation will continue without Redis connectivity."
+            )
 
     def listen_events(self, channel_key: str) -> Generator[M, None, None]:
         pubsub, full_channel_name = self._get_pubsub_channel(
@@ -128,9 +138,19 @@ class AsyncRedisEventBus(BaseRedisEventBus[M], ABC):
         return await redis.get_redis_async()
 
     async def publish_event(self, event: M, channel_key: str):
-        message, full_channel_name = self._serialize_message(event, channel_key)
-        connection = await self.connection
-        await connection.publish(full_channel_name, message)
+        """
+        Publish an event to Redis. Gracefully handles connection failures
+        by logging the error instead of raising exceptions.
+        """
+        try:
+            message, full_channel_name = self._serialize_message(event, channel_key)
+            connection = await self.connection
+            await connection.publish(full_channel_name, message)
+        except Exception:
+            logger.exception(
+                f"Failed to publish event to Redis channel {channel_key}. "
+                "Event bus operation will continue without Redis connectivity."
+            )
 
     async def listen_events(self, channel_key: str) -> AsyncGenerator[M, None]:
         pubsub, full_channel_name = self._get_pubsub_channel(

autogpt_platform/backend/backend/data/event_bus_test.py

@@ -0,0 +1,56 @@
+"""
+Tests for event_bus graceful degradation when Redis is unavailable.
+"""
+
+from unittest.mock import AsyncMock, patch
+
+import pytest
+from pydantic import BaseModel
+
+from backend.data.event_bus import AsyncRedisEventBus
+
+
+class TestEvent(BaseModel):
+    """Test event model."""
+
+    message: str
+
+
+class TestNotificationBus(AsyncRedisEventBus[TestEvent]):
+    """Test implementation of AsyncRedisEventBus."""
+
+    Model = TestEvent
+
+    @property
+    def event_bus_name(self) -> str:
+        return "test_event_bus"
+
+
+@pytest.mark.asyncio
+async def test_publish_event_handles_connection_failure_gracefully():
+    """Test that publish_event logs exception instead of raising when Redis is unavailable."""
+    bus = TestNotificationBus()
+    event = TestEvent(message="test message")
+
+    # Mock get_redis_async to raise connection error
+    with patch(
+        "backend.data.event_bus.redis.get_redis_async",
+        side_effect=ConnectionError("Authentication required."),
+    ):
+        # Should not raise exception
+        await bus.publish_event(event, "test_channel")
+
+
+@pytest.mark.asyncio
+async def test_publish_event_works_with_redis_available():
+    """Test that publish_event works normally when Redis is available."""
+    bus = TestNotificationBus()
+    event = TestEvent(message="test message")
+
+    # Mock successful Redis connection
+    mock_redis = AsyncMock()
+    mock_redis.publish = AsyncMock()
+
+    with patch("backend.data.event_bus.redis.get_redis_async", return_value=mock_redis):
+        await bus.publish_event(event, "test_channel")
+        mock_redis.publish.assert_called_once()

autogpt_platform/backend/backend/data/execution.py

@@ -81,6 +81,8 @@ class ExecutionContext(BaseModel):
     This includes information needed by blocks, sub-graphs, and execution management.
     """
 
+    model_config = {"extra": "ignore"}
+
     human_in_the_loop_safe_mode: bool = True
     sensitive_action_safe_mode: bool = False
     user_timezone: str = "UTC"

autogpt_platform/backend/backend/data/graph.py

@@ -64,6 +64,8 @@ logger = logging.getLogger(__name__)
 class GraphSettings(BaseModel):
     # Use Annotated with BeforeValidator to coerce None to default values.
     # This handles cases where the database has null values for these fields.
+    model_config = {"extra": "ignore"}
+
     human_in_the_loop_safe_mode: Annotated[
         bool, BeforeValidator(lambda v: v if v is not None else True)
     ] = True

autogpt_platform/backend/backend/data/human_review.py

@@ -32,6 +32,87 @@ class ReviewResult(BaseModel):
     node_exec_id: str
 
 
+def get_auto_approve_key(graph_exec_id: str, node_id: str) -> str:
+    """Generate the special nodeExecId key for auto-approval records."""
+    return f"auto_approve_{graph_exec_id}_{node_id}"
+
+
+async def check_auto_approval(
+    graph_exec_id: str,
+    node_id: str,
+) -> Optional[ReviewResult]:
+    """
+    Check if there's an existing auto-approval record for this node in this execution.
+
+    Auto-approval records are stored as PendingHumanReview entries with a special
+    nodeExecId pattern: "auto_approve_{graph_exec_id}_{node_id}"
+
+    Args:
+        graph_exec_id: ID of the graph execution
+        node_id: ID of the node definition (not execution)
+
+    Returns:
+        ReviewResult if auto-approval found, None otherwise
+    """
+    auto_approve_key = get_auto_approve_key(graph_exec_id, node_id)
+
+    # Look for the auto-approval record by its special key
+    auto_approved_review = await PendingHumanReview.prisma().find_unique(
+        where={"nodeExecId": auto_approve_key},
+    )
+
+    if auto_approved_review and auto_approved_review.status == ReviewStatus.APPROVED:
+        logger.info(
+            f"Found auto-approval for node {node_id} in execution {graph_exec_id}"
+        )
+        return ReviewResult(
+            data=auto_approved_review.payload,
+            status=ReviewStatus.APPROVED,
+            message="Auto-approved (user approved all future actions for this block)",
+            processed=True,
+            node_exec_id=auto_approve_key,
+        )
+
+    return None
+
+
+async def create_auto_approval_record(
+    user_id: str,
+    graph_exec_id: str,
+    graph_id: str,
+    graph_version: int,
+    node_id: str,
+    payload: SafeJsonData,
+) -> None:
+    """
+    Create an auto-approval record for a node in this execution.
+
+    This is stored as a PendingHumanReview with a special nodeExecId pattern
+    and status=APPROVED, so future executions of the same node can skip review.
+    """
+    auto_approve_key = get_auto_approve_key(graph_exec_id, node_id)
+
+    await PendingHumanReview.prisma().upsert(
+        where={"nodeExecId": auto_approve_key},
+        data={
+            "create": {
+                "nodeExecId": auto_approve_key,
+                "userId": user_id,
+                "graphExecId": graph_exec_id,
+                "graphId": graph_id,
+                "graphVersion": graph_version,
+                "payload": SafeJson(payload),
+                "instructions": "Auto-approval record",
+                "editable": False,
+                "status": ReviewStatus.APPROVED,
+                "processed": True,
+                "reviewedAt": datetime.now(timezone.utc),
+            },
+            "update": {},  # Already exists, no update needed
+        },
+    )
+
+
 async def get_or_create_human_review(
     user_id: str,
     node_exec_id: str,

autogpt_platform/backend/backend/data/human_review_test.py

@@ -46,8 +46,8 @@ async def test_get_or_create_human_review_new(
     sample_db_review.status = ReviewStatus.WAITING
     sample_db_review.processed = False
 
-    mock_upsert = mocker.patch("backend.data.human_review.PendingHumanReview.prisma")
-    mock_upsert.return_value.upsert = AsyncMock(return_value=sample_db_review)
+    mock_prisma = mocker.patch("backend.data.human_review.PendingHumanReview.prisma")
+    mock_prisma.return_value.upsert = AsyncMock(return_value=sample_db_review)
 
     result = await get_or_create_human_review(
         user_id="test-user-123",
@@ -75,8 +75,8 @@ async def test_get_or_create_human_review_approved(
     sample_db_review.processed = False
     sample_db_review.reviewMessage = "Looks good"
 
-    mock_upsert = mocker.patch("backend.data.human_review.PendingHumanReview.prisma")
-    mock_upsert.return_value.upsert = AsyncMock(return_value=sample_db_review)
+    mock_prisma = mocker.patch("backend.data.human_review.PendingHumanReview.prisma")
+    mock_prisma.return_value.upsert = AsyncMock(return_value=sample_db_review)
 
     result = await get_or_create_human_review(
         user_id="test-user-123",

autogpt_platform/backend/migrations/20260109181714_add_docs_embedding/migration.sql

@@ -1,9 +1,10 @@
 -- CreateExtension
 -- Supabase: pgvector must be enabled via Dashboard → Database → Extensions first
--- Create in public schema so vector type is available across all schemas
+-- Creates extension in current schema (determined by search_path from DATABASE_URL ?schema= param)
+-- This ensures vector type is in the same schema as tables, making ::vector work without explicit qualification
 DO $$
 BEGIN
-    CREATE EXTENSION IF NOT EXISTS "vector" WITH SCHEMA "public";
+    CREATE EXTENSION IF NOT EXISTS "vector";
 EXCEPTION WHEN OTHERS THEN
     RAISE NOTICE 'vector extension not available or already exists, skipping';
 END $$;
@@ -19,7 +20,7 @@ CREATE TABLE "UnifiedContentEmbedding" (
     "contentType" "ContentType" NOT NULL,
     "contentId" TEXT NOT NULL,
     "userId" TEXT,
-    "embedding" public.vector(1536) NOT NULL,
+    "embedding" vector(1536) NOT NULL,
     "searchableText" TEXT NOT NULL,
     "metadata" JSONB NOT NULL DEFAULT '{}',
 
@@ -45,4 +46,4 @@ CREATE UNIQUE INDEX "UnifiedContentEmbedding_contentType_contentId_userId_key" O
 -- Uses cosine distance operator (<=>), which matches the query in hybrid_search.py
 -- Note: Drop first in case Prisma created a btree index (Prisma doesn't support HNSW)
 DROP INDEX IF EXISTS "UnifiedContentEmbedding_embedding_idx";
-CREATE INDEX "UnifiedContentEmbedding_embedding_idx" ON "UnifiedContentEmbedding" USING hnsw ("embedding" public.vector_cosine_ops);
+CREATE INDEX "UnifiedContentEmbedding_embedding_idx" ON "UnifiedContentEmbedding" USING hnsw ("embedding" vector_cosine_ops);

autogpt_platform/backend/migrations/20260121200000_remove_node_execution_fk_from_pending_human_review/migration.sql

@@ -0,0 +1,7 @@
+-- Remove NodeExecution foreign key from PendingHumanReview
+-- The nodeExecId column remains as the primary key, but we remove the FK constraint
+-- to AgentNodeExecution since PendingHumanReview records can persist after node
+-- execution records are deleted.
+
+-- Drop foreign key constraint that linked PendingHumanReview.nodeExecId to AgentNodeExecution.id
+ALTER TABLE "platform"."PendingHumanReview" DROP CONSTRAINT IF EXISTS "PendingHumanReview_nodeExecId_fkey";

autogpt_platform/backend/schema.prisma

@@ -517,8 +517,6 @@ model AgentNodeExecution {
 
   stats Json?
 
-  PendingHumanReview PendingHumanReview?
-
   @@index([agentGraphExecutionId, agentNodeId, executionStatus])
   @@index([agentNodeId, executionStatus])
   @@index([addedTime, queuedTime])
@@ -567,6 +565,7 @@ enum ReviewStatus {
 }
 
 // Pending human reviews for Human-in-the-loop blocks
+// Also stores auto-approval records with special nodeExecId patterns (e.g., "auto_approve_{graph_exec_id}_{node_id}")
 model PendingHumanReview {
   nodeExecId    String       @id
   userId        String
@@ -585,7 +584,6 @@ model PendingHumanReview {
   reviewedAt    DateTime?
 
   User           User                @relation(fields: [userId], references: [id], onDelete: Cascade)
-  NodeExecution  AgentNodeExecution  @relation(fields: [nodeExecId], references: [id], onDelete: Cascade)
   GraphExecution AgentGraphExecution @relation(fields: [graphExecId], references: [id], onDelete: Cascade)
 
   @@unique([nodeExecId]) // One pending review per node execution

autogpt_platform/backend/scripts/generate_block_docs.py

@@ -366,12 +366,12 @@ def generate_block_markdown(
     lines.append("")
 
     # What it is (full description)
-    lines.append(f"### What it is")
+    lines.append("### What it is")
     lines.append(block.description or "No description available.")
     lines.append("")
 
     # How it works (manual section)
-    lines.append(f"### How it works")
+    lines.append("### How it works")
     how_it_works = manual_content.get(
         "how_it_works", "_Add technical explanation here._"
     )
@@ -383,7 +383,7 @@ def generate_block_markdown(
     # Inputs table (auto-generated)
     visible_inputs = [f for f in block.inputs if not f.hidden]
     if visible_inputs:
-        lines.append(f"### Inputs")
+        lines.append("### Inputs")
         lines.append("")
         lines.append("| Input | Description | Type | Required |")
         lines.append("|-------|-------------|------|----------|")
@@ -400,7 +400,7 @@ def generate_block_markdown(
     # Outputs table (auto-generated)
     visible_outputs = [f for f in block.outputs if not f.hidden]
     if visible_outputs:
-        lines.append(f"### Outputs")
+        lines.append("### Outputs")
         lines.append("")
         lines.append("| Output | Description | Type |")
         lines.append("|--------|-------------|------|")
@@ -414,7 +414,7 @@ def generate_block_markdown(
         lines.append("")
 
     # Possible use case (manual section)
-    lines.append(f"### Possible use case")
+    lines.append("### Possible use case")
     use_case = manual_content.get("use_case", "_Add practical use case examples here._")
     lines.append("<!-- MANUAL: use_case -->")
     lines.append(use_case)

autogpt_platform/frontend/src/app/(platform)/build/components/FloatingSafeModeToogle.tsx

@@ -86,7 +86,6 @@ export function FloatingSafeModeToggle({
   const {
     currentHITLSafeMode,
     showHITLToggle,
-    isHITLStateUndetermined,
     handleHITLToggle,
     currentSensitiveActionSafeMode,
     showSensitiveActionToggle,
@@ -99,16 +98,9 @@ export function FloatingSafeModeToggle({
     return null;
   }
 
-  const showHITL = showHITLToggle && !isHITLStateUndetermined;
-  const showSensitive = showSensitiveActionToggle;
-
-  if (!showHITL && !showSensitive) {
-    return null;
-  }
-
   return (
     <div className={cn("fixed z-50 flex flex-col gap-2", className)}>
-      {showHITL && (
+      {showHITLToggle && (
         <SafeModeButton
           isEnabled={currentHITLSafeMode}
           label="Human in the loop block approval"
@@ -119,7 +111,7 @@ export function FloatingSafeModeToggle({
           fullWidth={fullWidth}
         />
       )}
-      {showSensitive && (
+      {showSensitiveActionToggle && (
         <SafeModeButton
           isEnabled={currentSensitiveActionSafeMode}
           label="Sensitive actions blocks approval"

autogpt_platform/frontend/src/app/(platform)/library/agents/[id]/components/NewAgentLibraryView/components/modals/RunAgentModal/RunAgentModal.tsx

@@ -14,6 +14,10 @@ import {
 import { Dialog } from "@/components/molecules/Dialog/Dialog";
 import { useEffect, useRef, useState } from "react";
 import { ScheduleAgentModal } from "../ScheduleAgentModal/ScheduleAgentModal";
+import {
+  AIAgentSafetyPopup,
+  useAIAgentSafetyPopup,
+} from "./components/AIAgentSafetyPopup/AIAgentSafetyPopup";
 import { ModalHeader } from "./components/ModalHeader/ModalHeader";
 import { ModalRunSection } from "./components/ModalRunSection/ModalRunSection";
 import { RunActions } from "./components/RunActions/RunActions";
@@ -83,8 +87,17 @@ export function RunAgentModal({
 
   const [isScheduleModalOpen, setIsScheduleModalOpen] = useState(false);
   const [hasOverflow, setHasOverflow] = useState(false);
+  const [isSafetyPopupOpen, setIsSafetyPopupOpen] = useState(false);
+  const [pendingRunAction, setPendingRunAction] = useState<(() => void) | null>(
+    null,
+  );
   const contentRef = useRef<HTMLDivElement>(null);
 
+  const { shouldShowPopup, dismissPopup } = useAIAgentSafetyPopup(
+    agent.has_sensitive_action,
+    agent.has_human_in_the_loop,
+  );
+
   const hasAnySetupFields =
     Object.keys(agentInputFields || {}).length > 0 ||
     Object.keys(agentCredentialsInputFields || {}).length > 0;
@@ -165,6 +178,24 @@ export function RunAgentModal({
     onScheduleCreated?.(schedule);
   }
 
+  function handleRunWithSafetyCheck() {
+    if (shouldShowPopup) {
+      setPendingRunAction(() => handleRun);
+      setIsSafetyPopupOpen(true);
+    } else {
+      handleRun();
+    }
+  }
+
+  function handleSafetyPopupAcknowledge() {
+    setIsSafetyPopupOpen(false);
+    dismissPopup();
+    if (pendingRunAction) {
+      pendingRunAction();
+      setPendingRunAction(null);
+    }
+  }
+
   return (
     <>
       <Dialog
@@ -248,7 +279,7 @@ export function RunAgentModal({
                 )}
                 <RunActions
                   defaultRunType={defaultRunType}
-                  onRun={handleRun}
+                  onRun={handleRunWithSafetyCheck}
                   isExecuting={isExecuting}
                   isSettingUpTrigger={isSettingUpTrigger}
                   isRunReady={allRequiredInputsAreSet}
@@ -266,6 +297,11 @@ export function RunAgentModal({
           </div>
         </Dialog.Content>
       </Dialog>
+
+      <AIAgentSafetyPopup
+        isOpen={isSafetyPopupOpen}
+        onAcknowledge={handleSafetyPopupAcknowledge}
+      />
     </>
   );
 }

autogpt_platform/frontend/src/app/(platform)/library/agents/[id]/components/NewAgentLibraryView/components/modals/RunAgentModal/components/AIAgentSafetyPopup/AIAgentSafetyPopup.tsx

@@ -0,0 +1,95 @@
+"use client";
+
+import { Button } from "@/components/atoms/Button/Button";
+import { Text } from "@/components/atoms/Text/Text";
+import { Dialog } from "@/components/molecules/Dialog/Dialog";
+import { Key, storage } from "@/services/storage/local-storage";
+import { ShieldCheckIcon } from "@phosphor-icons/react";
+import { useCallback, useEffect, useState } from "react";
+
+interface Props {
+  onAcknowledge: () => void;
+  isOpen: boolean;
+}
+
+export function AIAgentSafetyPopup({ onAcknowledge, isOpen }: Props) {
+  function handleAcknowledge() {
+    // Mark popup as shown so it won't appear again
+    storage.set(Key.AI_AGENT_SAFETY_POPUP_SHOWN, "true");
+    onAcknowledge();
+  }
+
+  if (!isOpen) return null;
+
+  return (
+    <Dialog
+      controlled={{ isOpen, set: () => {} }}
+      styling={{ maxWidth: "480px" }}
+    >
+      <Dialog.Content>
+        <div className="flex flex-col items-center p-6 text-center">
+          <div className="mb-6 flex h-16 w-16 items-center justify-center rounded-full bg-blue-50">
+            <ShieldCheckIcon
+              weight="fill"
+              size={32}
+              className="text-blue-600"
+            />
+          </div>
+
+          <Text variant="h3" className="mb-4">
+            Safety Checks Enabled
+          </Text>
+
+          <Text variant="body" className="mb-2 text-zinc-700">
+            AI-generated agents may take actions that affect your data or
+            external systems.
+          </Text>
+
+          <Text variant="body" className="mb-8 text-zinc-700">
+            AutoGPT includes safety checks so you&apos;ll always have the
+            opportunity to review and approve sensitive actions before they
+            happen.
+          </Text>
+
+          <Button
+            variant="primary"
+            size="large"
+            className="w-full"
+            onClick={handleAcknowledge}
+          >
+            Got it
+          </Button>
+        </div>
+      </Dialog.Content>
+    </Dialog>
+  );
+}
+
+export function useAIAgentSafetyPopup(
+  hasSensitiveAction: boolean,
+  hasHumanInTheLoop: boolean,
+) {
+  const [shouldShowPopup, setShouldShowPopup] = useState(false);
+  const [hasChecked, setHasChecked] = useState(false);
+
+  useEffect(() => {
+    // Only check once after mount (to avoid SSR issues)
+    if (hasChecked) return;
+
+    const hasSeenPopup =
+      storage.get(Key.AI_AGENT_SAFETY_POPUP_SHOWN) === "true";
+    const isRelevantAgent = hasSensitiveAction || hasHumanInTheLoop;
+
+    setShouldShowPopup(!hasSeenPopup && isRelevantAgent);
+    setHasChecked(true);
+  }, [hasSensitiveAction, hasHumanInTheLoop, hasChecked]);
+
+  const dismissPopup = useCallback(() => {
+    setShouldShowPopup(false);
+  }, []);
+
+  return {
+    shouldShowPopup,
+    dismissPopup,
+  };
+}

autogpt_platform/frontend/src/app/(platform)/library/agents/[id]/components/NewAgentLibraryView/components/selected-views/SelectedRunView/components/SafeModeToggle.tsx

@@ -69,7 +69,6 @@ export function SafeModeToggle({ graph, className }: Props) {
   const {
     currentHITLSafeMode,
     showHITLToggle,
-    isHITLStateUndetermined,
     handleHITLToggle,
     currentSensitiveActionSafeMode,
     showSensitiveActionToggle,
@@ -78,20 +77,13 @@ export function SafeModeToggle({ graph, className }: Props) {
     shouldShowToggle,
   } = useAgentSafeMode(graph);
 
-  if (!shouldShowToggle || isHITLStateUndetermined) {
-    return null;
-  }
-
-  const showHITL = showHITLToggle && !isHITLStateUndetermined;
-  const showSensitive = showSensitiveActionToggle;
-
-  if (!showHITL && !showSensitive) {
+  if (!shouldShowToggle) {
     return null;
   }
 
   return (
     <div className={cn("flex gap-1", className)}>
-      {showHITL && (
+      {showHITLToggle && (
         <SafeModeIconButton
           isEnabled={currentHITLSafeMode}
           label="Human-in-the-loop"
@@ -101,7 +93,7 @@ export function SafeModeToggle({ graph, className }: Props) {
           isPending={isPending}
         />
       )}
-      {showSensitive && (
+      {showSensitiveActionToggle && (
         <SafeModeIconButton
           isEnabled={currentSensitiveActionSafeMode}
           label="Sensitive actions"

autogpt_platform/frontend/src/app/(platform)/library/agents/[id]/components/OldAgentLibraryView/components/agent-run-draft-view.tsx

@@ -1,8 +1,15 @@
 "use client";
-import React, { useCallback, useEffect, useMemo, useState } from "react";
+import React, {
+  useCallback,
+  useContext,
+  useEffect,
+  useMemo,
+  useState,
+} from "react";
 
 import {
   CredentialsMetaInput,
+  CredentialsType,
   GraphExecutionID,
   GraphMeta,
   LibraryAgentPreset,
@@ -29,7 +36,11 @@ import {
 } from "@/components/__legacy__/ui/icons";
 import { Input } from "@/components/__legacy__/ui/input";
 import { Button } from "@/components/atoms/Button/Button";
-import { CredentialsInput } from "@/components/contextual/CredentialsInput/CredentialsInput";
+import { CredentialsGroupedView } from "@/components/contextual/CredentialsInput/components/CredentialsGroupedView/CredentialsGroupedView";
+import {
+  findSavedCredentialByProviderAndType,
+  findSavedUserCredentialByProviderAndType,
+} from "@/components/contextual/CredentialsInput/components/CredentialsGroupedView/helpers";
 import { InformationTooltip } from "@/components/molecules/InformationTooltip/InformationTooltip";
 import {
   useToast,
@@ -37,6 +48,7 @@ import {
 } from "@/components/molecules/Toast/use-toast";
 import { humanizeCronExpression } from "@/lib/cron-expression-utils";
 import { cn, isEmpty } from "@/lib/utils";
+import { CredentialsProvidersContext } from "@/providers/agent-credentials/credentials-provider";
 import { ClockIcon, CopyIcon, InfoIcon } from "@phosphor-icons/react";
 import { CalendarClockIcon, Trash2Icon } from "lucide-react";
 
@@ -90,6 +102,7 @@ export function AgentRunDraftView({
   const api = useBackendAPI();
   const { toast } = useToast();
   const toastOnFail = useToastOnFail();
+  const allProviders = useContext(CredentialsProvidersContext);
 
   const [inputValues, setInputValues] = useState<Record<string, any>>({});
   const [inputCredentials, setInputCredentials] = useState<
@@ -128,6 +141,77 @@ export function AgentRunDraftView({
     () => graph.credentials_input_schema.properties,
     [graph],
   );
+  const credentialFields = useMemo(
+    function getCredentialFields() {
+      return Object.entries(agentCredentialsInputFields);
+    },
+    [agentCredentialsInputFields],
+  );
+  const requiredCredentials = useMemo(
+    function getRequiredCredentials() {
+      return new Set(
+        (graph.credentials_input_schema?.required as string[]) || [],
+      );
+    },
+    [graph.credentials_input_schema?.required],
+  );
+
+  useEffect(
+    function initializeDefaultCredentials() {
+      if (!allProviders) return;
+      if (!graph.credentials_input_schema?.properties) return;
+      if (requiredCredentials.size === 0) return;
+
+      setInputCredentials(function updateCredentials(currentCreds) {
+        const next = { ...currentCreds };
+        let didAdd = false;
+
+        for (const key of requiredCredentials) {
+          if (next[key]) continue;
+          const schema = graph.credentials_input_schema.properties[key];
+          if (!schema) continue;
+
+          const providerNames = schema.credentials_provider || [];
+          const credentialTypes = schema.credentials_types || [];
+          const requiredScopes = schema.credentials_scopes;
+
+          const userCredential = findSavedUserCredentialByProviderAndType(
+            providerNames,
+            credentialTypes,
+            requiredScopes,
+            allProviders,
+          );
+
+          const savedCredential =
+            userCredential ||
+            findSavedCredentialByProviderAndType(
+              providerNames,
+              credentialTypes,
+              requiredScopes,
+              allProviders,
+            );
+
+          if (!savedCredential) continue;
+
+          next[key] = {
+            id: savedCredential.id,
+            provider: savedCredential.provider,
+            type: savedCredential.type as CredentialsType,
+            title: savedCredential.title,
+          };
+          didAdd = true;
+        }
+
+        if (!didAdd) return currentCreds;
+        return next;
+      });
+    },
+    [
+      allProviders,
+      graph.credentials_input_schema?.properties,
+      requiredCredentials,
+    ],
+  );
 
   const [allRequiredInputsAreSet, missingInputs] = useMemo(() => {
     const nonEmptyInputs = new Set(
@@ -145,18 +229,35 @@ export function AgentRunDraftView({
     );
     return [isSuperset, difference];
   }, [agentInputSchema.required, inputValues]);
-  const [allCredentialsAreSet, missingCredentials] = useMemo(() => {
-    const availableCredentials = new Set(Object.keys(inputCredentials));
-    const allCredentials = new Set(Object.keys(agentCredentialsInputFields));
-    // Backwards-compatible implementation of isSupersetOf and difference
-    const isSuperset = Array.from(allCredentials).every((item) =>
-      availableCredentials.has(item),
-    );
-    const difference = Array.from(allCredentials).filter(
-      (item) => !availableCredentials.has(item),
-    );
-    return [isSuperset, difference];
-  }, [agentCredentialsInputFields, inputCredentials]);
+  const [allCredentialsAreSet, missingCredentials] = useMemo(
+    function getCredentialStatus() {
+      const missing = Array.from(requiredCredentials).filter((key) => {
+        const cred = inputCredentials[key];
+        return !cred || !cred.id;
+      });
+      return [missing.length === 0, missing];
+    },
+    [requiredCredentials, inputCredentials],
+  );
+  function addChangedCredentials(prev: Set<keyof LibraryAgentPresetUpdatable>) {
+    const next = new Set(prev);
+    next.add("credentials");
+    return next;
+  }
+
+  function handleCredentialChange(key: string, value?: CredentialsMetaInput) {
+    setInputCredentials(function updateInputCredentials(currentCreds) {
+      const next = { ...currentCreds };
+      if (value === undefined) {
+        delete next[key];
+        return next;
+      }
+      next[key] = value;
+      return next;
+    });
+    setChangedPresetAttributes(addChangedCredentials);
+  }
+
   const notifyMissingInputs = useCallback(
     (needPresetName: boolean = true) => {
       const allMissingFields = (
@@ -649,35 +750,6 @@ export function AgentRunDraftView({
               </>
             )}
 
-            {/* Credentials inputs */}
-            {Object.entries(agentCredentialsInputFields).map(
-              ([key, inputSubSchema]) => (
-                <CredentialsInput
-                  key={key}
-                  schema={{ ...inputSubSchema, discriminator: undefined }}
-                  selectedCredentials={
-                    inputCredentials[key] ?? inputSubSchema.default
-                  }
-                  onSelectCredentials={(value) => {
-                    setInputCredentials((obj) => {
-                      const newObj = { ...obj };
-                      if (value === undefined) {
-                        delete newObj[key];
-                        return newObj;
-                      }
-                      return {
-                        ...obj,
-                        [key]: value,
-                      };
-                    });
-                    setChangedPresetAttributes((prev) =>
-                      prev.add("credentials"),
-                    );
-                  }}
-                />
-              ),
-            )}
-
             {/* Regular inputs */}
             {Object.entries(agentInputFields).map(([key, inputSubSchema]) => (
               <RunAgentInputs
@@ -695,6 +767,17 @@ export function AgentRunDraftView({
                 data-testid={`agent-input-${key}`}
               />
             ))}
+
+            {/* Credentials inputs */}
+            {credentialFields.length > 0 && (
+              <CredentialsGroupedView
+                credentialFields={credentialFields}
+                requiredCredentials={requiredCredentials}
+                inputCredentials={inputCredentials}
+                inputValues={inputValues}
+                onCredentialChange={handleCredentialChange}
+              />
+            )}
           </CardContent>
         </Card>
       </div>

autogpt_platform/frontend/src/app/api/openapi.json

@@ -9425,6 +9425,12 @@
             "type": "array",
             "title": "Reviews",
             "description": "All reviews with their approval status, data, and messages"
+          },
+          "auto_approve_future_actions": {
+            "type": "boolean",
+            "title": "Auto Approve Future Actions",
+            "description": "If true, future reviews from the same blocks (nodes) being approved will be automatically approved for the remainder of this execution. This only affects the current execution run.",
+            "default": false
           }
         },
         "type": "object",

autogpt_platform/frontend/src/components/contextual/CredentialsInput/components/CredentialsGroupedView/helpers.ts

@@ -1,5 +1,5 @@
 import { CredentialsProvidersContextType } from "@/providers/agent-credentials/credentials-provider";
-import { getSystemCredentials } from "../../helpers";
+import { filterSystemCredentials, getSystemCredentials } from "../../helpers";
 
 export type CredentialField = [string, any];
 
@@ -208,3 +208,42 @@ export function findSavedCredentialByProviderAndType(
 
   return undefined;
 }
+
+export function findSavedUserCredentialByProviderAndType(
+  providerNames: string[],
+  credentialTypes: string[],
+  requiredScopes: string[] | undefined,
+  allProviders: CredentialsProvidersContextType | null,
+): SavedCredential | undefined {
+  for (const providerName of providerNames) {
+    const providerData = allProviders?.[providerName];
+    if (!providerData) continue;
+
+    const userCredentials = filterSystemCredentials(
+      providerData.savedCredentials ?? [],
+    );
+
+    const matchingCredentials: SavedCredential[] = [];
+
+    for (const credential of userCredentials) {
+      const typeMatches =
+        credentialTypes.length === 0 ||
+        credentialTypes.includes(credential.type);
+      const scopesMatch = hasRequiredScopes(credential, requiredScopes);
+
+      if (!typeMatches) continue;
+      if (!scopesMatch) continue;
+
+      matchingCredentials.push(credential as SavedCredential);
+    }
+
+    if (matchingCredentials.length === 1) {
+      return matchingCredentials[0];
+    }
+    if (matchingCredentials.length > 1) {
+      return undefined;
+    }
+  }
+
+  return undefined;
+}

autogpt_platform/frontend/src/components/contextual/CredentialsInput/useCredentialsInput.ts

@@ -98,24 +98,20 @@ export function useCredentialsInput({
 
   // Auto-select the first available credential on initial mount
   // Once a user has made a selection, we don't override it
-  useEffect(() => {
-    if (readOnly) return;
-    if (!credentials || !("savedCredentials" in credentials)) return;
+  useEffect(
+    function autoSelectCredential() {
+      if (readOnly) return;
+      if (!credentials || !("savedCredentials" in credentials)) return;
+      if (selectedCredential?.id) return;
 
-    // If already selected, don't auto-select
-    if (selectedCredential?.id) return;
+      const savedCreds = credentials.savedCredentials;
+      if (savedCreds.length === 0) return;
 
-    // Only attempt auto-selection once
-    if (hasAttemptedAutoSelect.current) return;
-    hasAttemptedAutoSelect.current = true;
+      if (hasAttemptedAutoSelect.current) return;
+      hasAttemptedAutoSelect.current = true;
 
-    // If optional, don't auto-select (user can choose "None")
-    if (isOptional) return;
+      if (isOptional) return;
 
-    const savedCreds = credentials.savedCredentials;
-
-    // Auto-select the first credential if any are available
-    if (savedCreds.length > 0) {
       const cred = savedCreds[0];
       onSelectCredential({
         id: cred.id,
@@ -123,14 +119,15 @@ export function useCredentialsInput({
         provider: credentials.provider,
         title: (cred as any).title,
       });
-    }
-  }, [
-    credentials,
-    selectedCredential?.id,
-    readOnly,
-    isOptional,
-    onSelectCredential,
-  ]);
+    },
+    [
+      credentials,
+      selectedCredential?.id,
+      readOnly,
+      isOptional,
+      onSelectCredential,
+    ],
+  );
 
   if (
     !credentials ||

autogpt_platform/frontend/src/components/organisms/FloatingReviewsPanel/FloatingReviewsPanel.tsx

@@ -31,6 +31,29 @@ export function FloatingReviewsPanel({
       query: {
         enabled: !!(graphId && executionId),
         select: okData,
+        // Poll while execution is in progress to detect status changes
+        refetchInterval: (q) => {
+          // Note: refetchInterval callback receives raw data before select transform
+          const rawData = q.state.data as
+            | { status: number; data?: { status?: string } }
+            | undefined;
+          if (rawData?.status !== 200) return false;
+
+          const status = rawData?.data?.status;
+          if (!status) return false;
+
+          // Poll every 2 seconds while running or in review
+          if (
+            status === AgentExecutionStatus.RUNNING ||
+            status === AgentExecutionStatus.QUEUED ||
+            status === AgentExecutionStatus.INCOMPLETE ||
+            status === AgentExecutionStatus.REVIEW
+          ) {
+            return 2000;
+          }
+          return false;
+        },
+        refetchIntervalInBackground: true,
       },
     },
   );
@@ -40,23 +63,27 @@ export function FloatingReviewsPanel({
     useShallow((state) => state.graphExecutionStatus),
   );
 
+  // Determine if we should poll for pending reviews
+  const isInReviewStatus =
+    executionDetails?.status === AgentExecutionStatus.REVIEW ||
+    graphExecutionStatus === AgentExecutionStatus.REVIEW;
+
   const { pendingReviews, isLoading, refetch } = usePendingReviewsForExecution(
     executionId || "",
+    {
+      enabled: !!executionId,
+      // Poll every 2 seconds when in REVIEW status to catch new reviews
+      refetchInterval: isInReviewStatus ? 2000 : false,
+    },
   );
 
+  // Refetch pending reviews when execution status changes
   useEffect(() => {
-    if (executionId) {
+    if (executionId && executionDetails?.status) {
       refetch();
     }
   }, [executionDetails?.status, executionId, refetch]);
 
-  // Refetch when graph execution status changes to REVIEW
-  useEffect(() => {
-    if (graphExecutionStatus === AgentExecutionStatus.REVIEW && executionId) {
-      refetch();
-    }
-  }, [graphExecutionStatus, executionId, refetch]);
-
   if (
     !executionId ||
     (!isLoading &&

autogpt_platform/frontend/src/components/organisms/PendingReviewsList/PendingReviewsList.tsx

@@ -1,8 +1,9 @@
-import { useState } from "react";
+import { useState, useCallback } from "react";
 import { PendingHumanReviewModel } from "@/app/api/__generated__/models/pendingHumanReviewModel";
 import { PendingReviewCard } from "@/components/organisms/PendingReviewCard/PendingReviewCard";
 import { Text } from "@/components/atoms/Text/Text";
 import { Button } from "@/components/atoms/Button/Button";
+import { Switch } from "@/components/atoms/Switch/Switch";
 import { useToast } from "@/components/molecules/Toast/use-toast";
 import { ClockIcon, WarningIcon } from "@phosphor-icons/react";
 import { usePostV2ProcessReviewAction } from "@/app/api/__generated__/endpoints/executions/executions";
@@ -40,6 +41,8 @@ export function PendingReviewsList({
     "approve" | "reject" | null
   >(null);
 
+  const [autoApproveFuture, setAutoApproveFuture] = useState(false);
+
   const { toast } = useToast();
 
   const reviewActionMutation = usePostV2ProcessReviewAction({
@@ -92,6 +95,26 @@ export function PendingReviewsList({
     setReviewMessageMap((prev) => ({ ...prev, [nodeExecId]: message }));
   }
 
+  // Reset data to original values when toggling auto-approve
+  const handleAutoApproveFutureToggle = useCallback(
+    (enabled: boolean) => {
+      setAutoApproveFuture(enabled);
+      if (enabled) {
+        // Reset all data to original values
+        const originalData: Record<string, string> = {};
+        reviews.forEach((review) => {
+          originalData[review.node_exec_id] = JSON.stringify(
+            review.payload,
+            null,
+            2,
+          );
+        });
+        setReviewDataMap(originalData);
+      }
+    },
+    [reviews],
+  );
+
   function processReviews(approved: boolean) {
     if (reviews.length === 0) {
       toast({
@@ -109,22 +132,31 @@ export function PendingReviewsList({
       const reviewData = reviewDataMap[review.node_exec_id];
       const reviewMessage = reviewMessageMap[review.node_exec_id];
 
-      let parsedData: any = review.payload; // Default to original payload
+      // When auto-approving future actions, send undefined (use original data)
+      // Otherwise, parse and send the edited data if available
+      let parsedData: any = undefined;
 
-      // Parse edited data if available and editable
-      if (review.editable && reviewData) {
-        try {
-          parsedData = JSON.parse(reviewData);
-        } catch (error) {
-          toast({
-            title: "Invalid JSON",
-            description: `Please fix the JSON format in review for node ${review.node_exec_id}: ${error instanceof Error ? error.message : "Invalid syntax"}`,
-            variant: "destructive",
-          });
-          setPendingAction(null);
-          return;
+      if (!autoApproveFuture) {
+        // For regular approve/reject, use edited data if available
+        if (review.editable && reviewData) {
+          try {
+            parsedData = JSON.parse(reviewData);
+          } catch (error) {
+            toast({
+              title: "Invalid JSON",
+              description: `Please fix the JSON format in review for node ${review.node_exec_id}: ${error instanceof Error ? error.message : "Invalid syntax"}`,
+              variant: "destructive",
+            });
+            setPendingAction(null);
+            return;
+          }
+        } else {
+          // No edits, use original payload
+          parsedData = review.payload;
         }
       }
+      // When autoApproveFuture is true, parsedData stays undefined
+      // Backend will use the original payload stored in the database
 
       reviewItems.push({
         node_exec_id: review.node_exec_id,
@@ -137,6 +169,7 @@ export function PendingReviewsList({
     reviewActionMutation.mutate({
       data: {
         reviews: reviewItems,
+        auto_approve_future_actions: autoApproveFuture && approved,
       },
     });
   }
@@ -182,21 +215,37 @@ export function PendingReviewsList({
       <div className="space-y-7">
         {reviews.map((review) => (
           <PendingReviewCard
-            key={review.node_exec_id}
+            key={`${review.node_exec_id}-${autoApproveFuture}`}
             review={review}
             onReviewDataChange={handleReviewDataChange}
             onReviewMessageChange={handleReviewMessageChange}
             reviewMessage={reviewMessageMap[review.node_exec_id] || ""}
+            isDisabled={autoApproveFuture}
           />
         ))}
       </div>
 
-      <div className="space-y-7">
-        <Text variant="body" className="text-textGrey">
-          Note: Changes you make here apply only to this task
-        </Text>
+      <div className="space-y-4">
+        {/* Auto-approve toggle */}
+        <div className="flex items-center gap-3">
+          <Switch
+            checked={autoApproveFuture}
+            onCheckedChange={handleAutoApproveFutureToggle}
+            disabled={reviewActionMutation.isPending}
+          />
+          <Text variant="body" className="text-textBlack">
+            Auto-approve all future actions from these blocks
+          </Text>
+        </div>
 
-        <div className="flex gap-2">
+        {autoApproveFuture && (
+          <Text variant="small" className="text-amber-600">
+            Editing is disabled. Original data will be used for this and all
+            future reviews from these blocks.
+          </Text>
+        )}
+
+        <div className="flex flex-wrap gap-2">
           <Button
             onClick={() => processReviews(true)}
             disabled={reviewActionMutation.isPending || reviews.length === 0}
@@ -220,6 +269,11 @@ export function PendingReviewsList({
             Reject
           </Button>
         </div>
+
+        <Text variant="small" className="text-textGrey">
+          You can turn auto-approval on or off anytime in this agent&apos;s
+          settings.
+        </Text>
       </div>
     </div>
   );

autogpt_platform/frontend/src/hooks/usePendingReviews.ts

@@ -15,8 +15,22 @@ export function usePendingReviews() {
   };
 }
 
-export function usePendingReviewsForExecution(graphExecId: string) {
-  const query = useGetV2GetPendingReviewsForExecution(graphExecId);
+interface UsePendingReviewsForExecutionOptions {
+  enabled?: boolean;
+  refetchInterval?: number | false;
+}
+
+export function usePendingReviewsForExecution(
+  graphExecId: string,
+  options?: UsePendingReviewsForExecutionOptions,
+) {
+  const query = useGetV2GetPendingReviewsForExecution(graphExecId, {
+    query: {
+      enabled: options?.enabled ?? !!graphExecId,
+      refetchInterval: options?.refetchInterval,
+      refetchIntervalInBackground: !!options?.refetchInterval,
+    },
+  });
 
   return {
     pendingReviews: okData(query.data) || [],

autogpt_platform/frontend/src/lib/timezone-utils.ts

@@ -106,9 +106,14 @@ export function getTimezoneDisplayName(timezone: string): string {
     const parts = timezone.split("/");
     const city = parts[parts.length - 1].replace(/_/g, " ");
     const abbr = getTimezoneAbbreviation(timezone);
-    return abbr ? `${city} (${abbr})` : city;
+    if (abbr && abbr !== timezone) {
+      return `${city} (${abbr})`;
+    }
+    // If abbreviation is same as timezone or not found, show timezone with underscores replaced
+    const timezoneDisplay = timezone.replace(/_/g, " ");
+    return `${city} (${timezoneDisplay})`;
   } catch {
-    return timezone;
+    return timezone.replace(/_/g, " ");
   }
 }
 

autogpt_platform/frontend/src/services/storage/local-storage.ts

@@ -10,6 +10,7 @@ export enum Key {
   LIBRARY_AGENTS_CACHE = "library-agents-cache",
   CHAT_SESSION_ID = "chat_session_id",
   COOKIE_CONSENT = "autogpt_cookie_consent",
+  AI_AGENT_SAFETY_POPUP_SHOWN = "ai-agent-safety-popup-shown",
 }
 
 function get(key: Key) {

autogpt_platform/frontend/src/tests/marketplace.spec.ts

@@ -4,6 +4,7 @@ import { LoginPage } from "./pages/login.page";
 import { MarketplacePage } from "./pages/marketplace.page";
 import { hasMinCount, hasUrl, isVisible, matchesUrl } from "./utils/assertion";
 
+// Marketplace tests for store agent search functionality
 test.describe("Marketplace – Basic Functionality", () => {
   test("User can access marketplace page when logged out", async ({ page }) => {
     const marketplacePage = new MarketplacePage(page);