chore: add migration for nodeId field in PendingHumanReview

Adds database migration to add the nodeId column which tracks the node ID in the graph definition for auto-approval tracking.
fix: implement node-specific auto-approval for human reviews
2026-01-21 04:57:58 -05:00 · 2026-01-20 23:03:03 -05:00 · 2026-01-20 22:15:51 -05:00 · 2026-01-20 21:05:39 -05:00 · 2026-01-20 20:45:50 -05:00 · 2026-01-20 20:40:18 -05:00
36 changed files with 830 additions and 275 deletions
--- a/autogpt_platform/backend/backend/api/features/chat/tools/agent_generator/core.py
+++ b/autogpt_platform/backend/backend/api/features/chat/tools/agent_generator/core.py
@@ -218,6 +218,7 @@ async def save_agent_to_library(
    library_agents = await library_db.create_library_agent(
        graph=created_graph,
        user_id=user_id,
+        sensitive_action_safe_mode=True,
        create_library_agents_for_sub_graphs=False,
    )

--- a/autogpt_platform/backend/backend/api/features/executions/review/model.py
+++ b/autogpt_platform/backend/backend/api/features/executions/review/model.py
@@ -41,6 +41,7 @@ class PendingHumanReviewModel(BaseModel):
    graph_exec_id: str = Field(description="Graph execution ID")
    graph_id: str = Field(description="Graph ID")
    graph_version: int = Field(description="Graph version")
+    node_id: str = Field(description="Node ID in the graph definition")
    payload: SafeJsonData = Field(description="The actual data payload awaiting review")
    instructions: str | None = Field(
        description="Instructions or message for the reviewer", default=None
@@ -81,6 +82,7 @@ class PendingHumanReviewModel(BaseModel):
            graph_exec_id=review.graphExecId,
            graph_id=review.graphId,
            graph_version=review.graphVersion,
+            node_id=review.nodeId,
            payload=review.payload,
            instructions=review.instructions,
            editable=review.editable,
@@ -179,6 +181,15 @@ class ReviewRequest(BaseModel):
    reviews: List[ReviewItem] = Field(
        description="All reviews with their approval status, data, and messages"
    )
+    auto_approve_node_ids: List[str] = Field(
+        default_factory=list,
+        description=(
+            "List of node IDs (from the graph definition) to auto-approve for "
+            "the remainder of this execution. Future reviews from these specific "
+            "nodes will be automatically approved. This only affects the current "
+            "execution run."
+        ),
+    )

    @model_validator(mode="after")
    def validate_review_completeness(self):
--- a/autogpt_platform/backend/backend/api/features/executions/review/review_routes_test.py
+++ b/autogpt_platform/backend/backend/api/features/executions/review/review_routes_test.py
@@ -41,6 +41,7 @@ def sample_pending_review(test_user_id: str) -> PendingHumanReviewModel:
        graph_exec_id="test_graph_exec_456",
        graph_id="test_graph_789",
        graph_version=1,
+        node_id="node_def_123",
        payload={"data": "test payload", "value": 42},
        instructions="Please review this data",
        editable=True,
@@ -160,6 +161,7 @@ def test_process_review_action_approve_success(
        graph_exec_id="test_graph_exec_456",
        graph_id="test_graph_789",
        graph_version=1,
+        node_id="node_def_123",
        payload={"data": "modified payload", "value": 50},
        instructions="Please review this data",
        editable=True,
@@ -223,6 +225,7 @@ def test_process_review_action_reject_success(
        graph_exec_id="test_graph_exec_456",
        graph_id="test_graph_789",
        graph_version=1,
+        node_id="node_def_123",
        payload={"data": "test payload"},
        instructions="Please review",
        editable=True,
@@ -274,6 +277,7 @@ def test_process_review_action_mixed_success(
        graph_exec_id="test_graph_exec_456",
        graph_id="test_graph_789",
        graph_version=1,
+        node_id="node_def_456",
        payload={"data": "second payload"},
        instructions="Second review",
        editable=False,
@@ -303,6 +307,7 @@ def test_process_review_action_mixed_success(
        graph_exec_id="test_graph_exec_456",
        graph_id="test_graph_789",
        graph_version=1,
+        node_id="node_def_123",
        payload={"data": "modified"},
        instructions="Please review",
        editable=True,
@@ -321,6 +326,7 @@ def test_process_review_action_mixed_success(
        graph_exec_id="test_graph_exec_456",
        graph_id="test_graph_789",
        graph_version=1,
+        node_id="node_def_456",
        payload={"data": "second payload"},
        instructions="Second review",
        editable=False,
--- a/autogpt_platform/backend/backend/api/features/executions/review/routes.py
+++ b/autogpt_platform/backend/backend/api/features/executions/review/routes.py
@@ -5,7 +5,7 @@ import autogpt_libs.auth as autogpt_auth_lib
 from fastapi import APIRouter, HTTPException, Query, Security, status
 from prisma.enums import ReviewStatus

-from backend.data.execution import get_graph_execution_meta
+from backend.data.execution import ExecutionContext, get_graph_execution_meta
 from backend.data.human_review import (
    get_pending_reviews_for_execution,
    get_pending_reviews_for_user,
@@ -169,10 +169,23 @@ async def process_review_action(
        if not still_has_pending:
            # Resume execution
            try:
+                # If auto_approve_node_ids is set, create a context that will
+                # automatically approve future reviews from these specific nodes
+                execution_context = None
+                if request.auto_approve_node_ids:
+                    execution_context = ExecutionContext(
+                        auto_approved_node_ids=set(request.auto_approve_node_ids),
+                    )
+                    logger.info(
+                        f"Auto-approving future reviews for nodes "
+                        f"{request.auto_approve_node_ids} in execution {graph_exec_id}"
+                    )
+
                await add_graph_execution(
                    graph_id=first_review.graph_id,
                    user_id=user_id,
                    graph_exec_id=graph_exec_id,
+                    execution_context=execution_context,
                )
                logger.info(f"Resumed execution {graph_exec_id}")
            except Exception as e:
--- a/autogpt_platform/backend/backend/api/features/library/db.py
+++ b/autogpt_platform/backend/backend/api/features/library/db.py
@@ -401,27 +401,11 @@ async def add_generated_agent_image(
    )


-def _initialize_graph_settings(graph: graph_db.GraphModel) -> GraphSettings:
-    """
-    Initialize GraphSettings based on graph content.
-
-    Args:
-        graph: The graph to analyze
-
-    Returns:
-        GraphSettings with appropriate human_in_the_loop_safe_mode value
-    """
-    if graph.has_human_in_the_loop:
-        # Graph has HITL blocks - set safe mode to True by default
-        return GraphSettings(human_in_the_loop_safe_mode=True)
-    else:
-        # Graph has no HITL blocks - keep None
-        return GraphSettings(human_in_the_loop_safe_mode=None)
-
-
 async def create_library_agent(
    graph: graph_db.GraphModel,
    user_id: str,
+    hitl_safe_mode: bool = True,
+    sensitive_action_safe_mode: bool = False,
    create_library_agents_for_sub_graphs: bool = True,
 ) -> list[library_model.LibraryAgent]:
    """
@@ -430,6 +414,8 @@ async def create_library_agent(
    Args:
        agent: The agent/Graph to add to the library.
        user_id: The user to whom the agent will be added.
+        hitl_safe_mode: Whether HITL blocks require manual review (default True).
+        sensitive_action_safe_mode: Whether sensitive action blocks require review.
        create_library_agents_for_sub_graphs: If True, creates LibraryAgent records for sub-graphs as well.

    Returns:
@@ -465,7 +451,11 @@ async def create_library_agent(
                            }
                        },
                        settings=SafeJson(
-                            _initialize_graph_settings(graph_entry).model_dump()
+                            GraphSettings.from_graph(
+                                graph_entry,
+                                hitl_safe_mode=hitl_safe_mode,
+                                sensitive_action_safe_mode=sensitive_action_safe_mode,
+                            ).model_dump()
                        ),
                    ),
                    include=library_agent_include(
@@ -627,33 +617,6 @@ async def update_library_agent(
        raise DatabaseError("Failed to update library agent") from e


-async def update_library_agent_settings(
-    user_id: str,
-    agent_id: str,
-    settings: GraphSettings,
-) -> library_model.LibraryAgent:
-    """
-    Updates the settings for a specific LibraryAgent.
-
-    Args:
-        user_id: The owner of the LibraryAgent.
-        agent_id: The ID of the LibraryAgent to update.
-        settings: New GraphSettings to apply.
-
-    Returns:
-        The updated LibraryAgent.
-
-    Raises:
-        NotFoundError: If the specified LibraryAgent does not exist.
-        DatabaseError: If there's an error in the update operation.
-    """
-    return await update_library_agent(
-        library_agent_id=agent_id,
-        user_id=user_id,
-        settings=settings,
-    )
-
-
 async def delete_library_agent(
    library_agent_id: str, user_id: str, soft_delete: bool = True
 ) -> None:
@@ -838,7 +801,7 @@ async def add_store_agent_to_library(
                "isCreatedByUser": False,
                "useGraphIsActiveVersion": False,
                "settings": SafeJson(
-                    _initialize_graph_settings(graph_model).model_dump()
+                    GraphSettings.from_graph(graph_model).model_dump()
                ),
            },
            include=library_agent_include(
@@ -1228,8 +1191,15 @@ async def fork_library_agent(
        )
        new_graph = await on_graph_activate(new_graph, user_id=user_id)

-        # Create a library agent for the new graph
-        return (await create_library_agent(new_graph, user_id))[0]
+        # Create a library agent for the new graph, preserving safe mode settings
+        return (
+            await create_library_agent(
+                new_graph,
+                user_id,
+                hitl_safe_mode=original_agent.settings.human_in_the_loop_safe_mode,
+                sensitive_action_safe_mode=original_agent.settings.sensitive_action_safe_mode,
+            )
+        )[0]
    except prisma.errors.PrismaError as e:
        logger.error(f"Database error cloning library agent: {e}")
        raise DatabaseError("Failed to fork library agent") from e
--- a/autogpt_platform/backend/backend/api/features/library/model.py
+++ b/autogpt_platform/backend/backend/api/features/library/model.py
@@ -73,6 +73,12 @@ class LibraryAgent(pydantic.BaseModel):
    has_external_trigger: bool = pydantic.Field(
        description="Whether the agent has an external trigger (e.g. webhook) node"
    )
+    has_human_in_the_loop: bool = pydantic.Field(
+        description="Whether the agent has human-in-the-loop blocks"
+    )
+    has_sensitive_action: bool = pydantic.Field(
+        description="Whether the agent has sensitive action blocks"
+    )
    trigger_setup_info: Optional[GraphTriggerInfo] = None

    # Indicates whether there's a new output (based on recent runs)
@@ -180,6 +186,8 @@ class LibraryAgent(pydantic.BaseModel):
                graph.credentials_input_schema if sub_graphs is not None else None
            ),
            has_external_trigger=graph.has_external_trigger,
+            has_human_in_the_loop=graph.has_human_in_the_loop,
+            has_sensitive_action=graph.has_sensitive_action,
            trigger_setup_info=graph.trigger_setup_info,
            new_output=new_output,
            can_access_graph=can_access_graph,
--- a/autogpt_platform/backend/backend/api/features/library/routes_test.py
+++ b/autogpt_platform/backend/backend/api/features/library/routes_test.py
@@ -52,6 +52,8 @@ async def test_get_library_agents_success(
                output_schema={"type": "object", "properties": {}},
                credentials_input_schema={"type": "object", "properties": {}},
                has_external_trigger=False,
+                has_human_in_the_loop=False,
+                has_sensitive_action=False,
                status=library_model.LibraryAgentStatus.COMPLETED,
                recommended_schedule_cron=None,
                new_output=False,
@@ -75,6 +77,8 @@ async def test_get_library_agents_success(
                output_schema={"type": "object", "properties": {}},
                credentials_input_schema={"type": "object", "properties": {}},
                has_external_trigger=False,
+                has_human_in_the_loop=False,
+                has_sensitive_action=False,
                status=library_model.LibraryAgentStatus.COMPLETED,
                recommended_schedule_cron=None,
                new_output=False,
@@ -150,6 +154,8 @@ async def test_get_favorite_library_agents_success(
                output_schema={"type": "object", "properties": {}},
                credentials_input_schema={"type": "object", "properties": {}},
                has_external_trigger=False,
+                has_human_in_the_loop=False,
+                has_sensitive_action=False,
                status=library_model.LibraryAgentStatus.COMPLETED,
                recommended_schedule_cron=None,
                new_output=False,
@@ -218,6 +224,8 @@ def test_add_agent_to_library_success(
        output_schema={"type": "object", "properties": {}},
        credentials_input_schema={"type": "object", "properties": {}},
        has_external_trigger=False,
+        has_human_in_the_loop=False,
+        has_sensitive_action=False,
        status=library_model.LibraryAgentStatus.COMPLETED,
        new_output=False,
        can_access_graph=True,
--- a/autogpt_platform/backend/backend/api/features/v1.py
+++ b/autogpt_platform/backend/backend/api/features/v1.py
@@ -761,10 +761,8 @@ async def create_new_graph(
    graph.reassign_ids(user_id=user_id, reassign_graph_id=True)
    graph.validate_graph(for_run=False)

-    # The return value of the create graph & library function is intentionally not used here,
-    # as the graph already valid and no sub-graphs are returned back.
    await graph_db.create_graph(graph, user_id=user_id)
-    await library_db.create_library_agent(graph, user_id=user_id)
+    await library_db.create_library_agent(graph, user_id)
    activated_graph = await on_graph_activate(graph, user_id=user_id)

    if create_graph.source == "builder":
@@ -888,21 +886,19 @@ async def set_graph_active_version(
 async def _update_library_agent_version_and_settings(
    user_id: str, agent_graph: graph_db.GraphModel
 ) -> library_model.LibraryAgent:
-    # Keep the library agent up to date with the new active version
    library = await library_db.update_agent_version_in_library(
        user_id, agent_graph.id, agent_graph.version
    )
-    # If the graph has HITL node, initialize the setting if it's not already set.
-    if (
-        agent_graph.has_human_in_the_loop
-        and library.settings.human_in_the_loop_safe_mode is None
-    ):
-        await library_db.update_library_agent_settings(
+    updated_settings = GraphSettings.from_graph(
+        graph=agent_graph,
+        hitl_safe_mode=library.settings.human_in_the_loop_safe_mode,
+        sensitive_action_safe_mode=library.settings.sensitive_action_safe_mode,
+    )
+    if updated_settings != library.settings:
+        library = await library_db.update_library_agent(
+            library_agent_id=library.id,
            user_id=user_id,
-            agent_id=library.id,
-            settings=library.settings.model_copy(
-                update={"human_in_the_loop_safe_mode": True}
-            ),
+            settings=updated_settings,
        )
    return library

@@ -919,21 +915,18 @@ async def update_graph_settings(
    user_id: Annotated[str, Security(get_user_id)],
 ) -> GraphSettings:
    """Update graph settings for the user's library agent."""
-    # Get the library agent for this graph
    library_agent = await library_db.get_library_agent_by_graph_id(
        graph_id=graph_id, user_id=user_id
    )
    if not library_agent:
        raise HTTPException(404, f"Graph #{graph_id} not found in user's library")

-    # Update the library agent settings
-    updated_agent = await library_db.update_library_agent_settings(
+    updated_agent = await library_db.update_library_agent(
+        library_agent_id=library_agent.id,
        user_id=user_id,
-        agent_id=library_agent.id,
        settings=settings,
    )

-    # Return the updated settings
    return GraphSettings.model_validate(updated_agent.settings)


--- a/autogpt_platform/backend/backend/blocks/helpers/review.py
+++ b/autogpt_platform/backend/backend/blocks/helpers/review.py
@@ -55,6 +55,7 @@ class HITLReviewHelper:
    async def _handle_review_request(
        input_data: Any,
        user_id: str,
+        node_id: str,
        node_exec_id: str,
        graph_exec_id: str,
        graph_id: str,
@@ -62,6 +63,7 @@ class HITLReviewHelper:
        execution_context: ExecutionContext,
        block_name: str = "Block",
        editable: bool = False,
+        skip_safe_mode_check: bool = False,
    ) -> Optional[ReviewResult]:
        """
        Handle a review request for a block that requires human review.
@@ -69,6 +71,7 @@ class HITLReviewHelper:
        Args:
            input_data: The input data to be reviewed
            user_id: ID of the user requesting the review
+            node_id: ID of the node in the graph definition
            node_exec_id: ID of the node execution
            graph_exec_id: ID of the graph execution
            graph_id: ID of the graph
@@ -76,6 +79,8 @@ class HITLReviewHelper:
            execution_context: Current execution context
            block_name: Name of the block requesting review
            editable: Whether the reviewer can edit the data
+            skip_safe_mode_check: If True, skip the safe mode check (caller already
+                verified). Used by sensitive action blocks that check their own flag.

        Returns:
            ReviewResult if review is complete, None if waiting for human input
@@ -84,7 +89,11 @@ class HITLReviewHelper:
            Exception: If review creation or status update fails
        """
        # Skip review if safe mode is disabled - return auto-approved result
-        if not execution_context.safe_mode:
+        # (unless caller already checked and wants to skip this check)
+        if (
+            not skip_safe_mode_check
+            and not execution_context.human_in_the_loop_safe_mode
+        ):
            logger.info(
                f"Block {block_name} skipping review for node {node_exec_id} - safe mode disabled"
            )
@@ -96,12 +105,27 @@ class HITLReviewHelper:
                node_exec_id=node_exec_id,
            )

+        # Skip review if this specific node has been auto-approved by the user
+        if node_id in execution_context.auto_approved_node_ids:
+            logger.info(
+                f"Block {block_name} skipping review for node {node_exec_id} - "
+                f"node {node_id} is auto-approved"
+            )
+            return ReviewResult(
+                data=input_data,
+                status=ReviewStatus.APPROVED,
+                message="Auto-approved (user approved all future actions for this block)",
+                processed=True,
+                node_exec_id=node_exec_id,
+            )
+
        result = await HITLReviewHelper.get_or_create_human_review(
            user_id=user_id,
            node_exec_id=node_exec_id,
            graph_exec_id=graph_exec_id,
            graph_id=graph_id,
            graph_version=graph_version,
+            node_id=node_id,
            input_data=input_data,
            message=f"Review required for {block_name} execution",
            editable=editable,
@@ -129,6 +153,7 @@ class HITLReviewHelper:
    async def handle_review_decision(
        input_data: Any,
        user_id: str,
+        node_id: str,
        node_exec_id: str,
        graph_exec_id: str,
        graph_id: str,
@@ -136,6 +161,7 @@ class HITLReviewHelper:
        execution_context: ExecutionContext,
        block_name: str = "Block",
        editable: bool = False,
+        skip_safe_mode_check: bool = False,
    ) -> Optional[ReviewDecision]:
        """
        Handle a review request and return the decision in a single call.
@@ -143,6 +169,7 @@ class HITLReviewHelper:
        Args:
            input_data: The input data to be reviewed
            user_id: ID of the user requesting the review
+            node_id: ID of the node in the graph definition
            node_exec_id: ID of the node execution
            graph_exec_id: ID of the graph execution
            graph_id: ID of the graph
@@ -150,6 +177,8 @@ class HITLReviewHelper:
            execution_context: Current execution context
            block_name: Name of the block requesting review
            editable: Whether the reviewer can edit the data
+            skip_safe_mode_check: If True, skip the safe mode check (caller already
+                verified). Used by sensitive action blocks that check their own flag.

        Returns:
            ReviewDecision if review is complete (approved/rejected),
@@ -158,6 +187,7 @@ class HITLReviewHelper:
        review_result = await HITLReviewHelper._handle_review_request(
            input_data=input_data,
            user_id=user_id,
+            node_id=node_id,
            node_exec_id=node_exec_id,
            graph_exec_id=graph_exec_id,
            graph_id=graph_id,
@@ -165,6 +195,7 @@ class HITLReviewHelper:
            execution_context=execution_context,
            block_name=block_name,
            editable=editable,
+            skip_safe_mode_check=skip_safe_mode_check,
        )

        if review_result is None:
--- a/autogpt_platform/backend/backend/blocks/human_in_the_loop.py
+++ b/autogpt_platform/backend/backend/blocks/human_in_the_loop.py
@@ -97,6 +97,7 @@ class HumanInTheLoopBlock(Block):
        input_data: Input,
        *,
        user_id: str,
+        node_id: str,
        node_exec_id: str,
        graph_exec_id: str,
        graph_id: str,
@@ -104,7 +105,17 @@ class HumanInTheLoopBlock(Block):
        execution_context: ExecutionContext,
        **_kwargs,
    ) -> BlockOutput:
-        if not execution_context.safe_mode:
+        # Check if this specific node has been auto-approved by the user
+        if node_id in execution_context.auto_approved_node_ids:
+            logger.info(
+                f"HITL block skipping review for node {node_exec_id} - "
+                f"node {node_id} is auto-approved"
+            )
+            yield "approved_data", input_data.data
+            yield "review_message", "Auto-approved (user approved all future actions for this block)"
+            return
+
+        if not execution_context.human_in_the_loop_safe_mode:
            logger.info(
                f"HITL block skipping review for node {node_exec_id} - safe mode disabled"
            )
@@ -115,6 +126,7 @@ class HumanInTheLoopBlock(Block):
        decision = await self.handle_review_decision(
            input_data=input_data.data,
            user_id=user_id,
+            node_id=node_id,
            node_exec_id=node_exec_id,
            graph_exec_id=graph_exec_id,
            graph_id=graph_id,
--- a/autogpt_platform/backend/backend/blocks/test/test_smart_decision_maker.py
+++ b/autogpt_platform/backend/backend/blocks/test/test_smart_decision_maker.py
@@ -242,7 +242,7 @@ async def test_smart_decision_maker_tracks_llm_stats():
        outputs = {}
        # Create execution context

-        mock_execution_context = ExecutionContext(safe_mode=False)
+        mock_execution_context = ExecutionContext(human_in_the_loop_safe_mode=False)

        # Create a mock execution processor for tests

@@ -343,7 +343,7 @@ async def test_smart_decision_maker_parameter_validation():

        # Create execution context

-        mock_execution_context = ExecutionContext(safe_mode=False)
+        mock_execution_context = ExecutionContext(human_in_the_loop_safe_mode=False)

        # Create a mock execution processor for tests

@@ -409,7 +409,7 @@ async def test_smart_decision_maker_parameter_validation():

        # Create execution context

-        mock_execution_context = ExecutionContext(safe_mode=False)
+        mock_execution_context = ExecutionContext(human_in_the_loop_safe_mode=False)

        # Create a mock execution processor for tests

@@ -471,7 +471,7 @@ async def test_smart_decision_maker_parameter_validation():
        outputs = {}
        # Create execution context

-        mock_execution_context = ExecutionContext(safe_mode=False)
+        mock_execution_context = ExecutionContext(human_in_the_loop_safe_mode=False)

        # Create a mock execution processor for tests

@@ -535,7 +535,7 @@ async def test_smart_decision_maker_parameter_validation():
        outputs = {}
        # Create execution context

-        mock_execution_context = ExecutionContext(safe_mode=False)
+        mock_execution_context = ExecutionContext(human_in_the_loop_safe_mode=False)

        # Create a mock execution processor for tests

@@ -658,7 +658,7 @@ async def test_smart_decision_maker_raw_response_conversion():
        outputs = {}
        # Create execution context

-        mock_execution_context = ExecutionContext(safe_mode=False)
+        mock_execution_context = ExecutionContext(human_in_the_loop_safe_mode=False)

        # Create a mock execution processor for tests

@@ -730,7 +730,7 @@ async def test_smart_decision_maker_raw_response_conversion():
        outputs = {}
        # Create execution context

-        mock_execution_context = ExecutionContext(safe_mode=False)
+        mock_execution_context = ExecutionContext(human_in_the_loop_safe_mode=False)

        # Create a mock execution processor for tests

@@ -786,7 +786,7 @@ async def test_smart_decision_maker_raw_response_conversion():
        outputs = {}
        # Create execution context

-        mock_execution_context = ExecutionContext(safe_mode=False)
+        mock_execution_context = ExecutionContext(human_in_the_loop_safe_mode=False)

        # Create a mock execution processor for tests

@@ -905,7 +905,7 @@ async def test_smart_decision_maker_agent_mode():
        # Create a mock execution context

        mock_execution_context = ExecutionContext(
-            safe_mode=False,
+            human_in_the_loop_safe_mode=False,
        )

        # Create a mock execution processor for agent mode tests
@@ -1027,7 +1027,7 @@ async def test_smart_decision_maker_traditional_mode_default():

        # Create execution context

-        mock_execution_context = ExecutionContext(safe_mode=False)
+        mock_execution_context = ExecutionContext(human_in_the_loop_safe_mode=False)

        # Create a mock execution processor for tests

--- a/autogpt_platform/backend/backend/blocks/test/test_smart_decision_maker_dynamic_fields.py
+++ b/autogpt_platform/backend/backend/blocks/test/test_smart_decision_maker_dynamic_fields.py
@@ -386,7 +386,7 @@ async def test_output_yielding_with_dynamic_fields():
            outputs = {}
            from backend.data.execution import ExecutionContext

-            mock_execution_context = ExecutionContext(safe_mode=False)
+            mock_execution_context = ExecutionContext(human_in_the_loop_safe_mode=False)
            mock_execution_processor = MagicMock()

            async for output_name, output_value in block.run(
@@ -609,7 +609,9 @@ async def test_validation_errors_dont_pollute_conversation():
                outputs = {}
                from backend.data.execution import ExecutionContext

-                mock_execution_context = ExecutionContext(safe_mode=False)
+                mock_execution_context = ExecutionContext(
+                    human_in_the_loop_safe_mode=False
+                )

                # Create a proper mock execution processor for agent mode
                from collections import defaultdict
--- a/autogpt_platform/backend/backend/data/block.py
+++ b/autogpt_platform/backend/backend/data/block.py
@@ -474,7 +474,7 @@ class Block(ABC, Generic[BlockSchemaInputType, BlockSchemaOutputType]):
        self.block_type = block_type
        self.webhook_config = webhook_config
        self.execution_stats: NodeExecutionStats = NodeExecutionStats()
-        self.requires_human_review: bool = False
+        self.is_sensitive_action: bool = False

        if self.webhook_config:
            if isinstance(self.webhook_config, BlockWebhookConfig):
@@ -622,6 +622,7 @@ class Block(ABC, Generic[BlockSchemaInputType, BlockSchemaOutputType]):
        input_data: BlockInput,
        *,
        user_id: str,
+        node_id: str,
        node_exec_id: str,
        graph_exec_id: str,
        graph_id: str,
@@ -637,8 +638,9 @@ class Block(ABC, Generic[BlockSchemaInputType, BlockSchemaOutputType]):
            - should_pause: True if execution should be paused for review
            - input_data_to_use: The input data to use (may be modified by reviewer)
        """
-        # Skip review if not required or safe mode is disabled
-        if not self.requires_human_review or not execution_context.safe_mode:
+        if not (
+            self.is_sensitive_action and execution_context.sensitive_action_safe_mode
+        ):
            return False, input_data

        from backend.blocks.helpers.review import HITLReviewHelper
@@ -647,6 +649,7 @@ class Block(ABC, Generic[BlockSchemaInputType, BlockSchemaOutputType]):
        decision = await HITLReviewHelper.handle_review_decision(
            input_data=input_data,
            user_id=user_id,
+            node_id=node_id,
            node_exec_id=node_exec_id,
            graph_exec_id=graph_exec_id,
            graph_id=graph_id,
--- a/autogpt_platform/backend/backend/data/execution.py
+++ b/autogpt_platform/backend/backend/data/execution.py
@@ -81,10 +81,12 @@ class ExecutionContext(BaseModel):
    This includes information needed by blocks, sub-graphs, and execution management.
    """

-    safe_mode: bool = True
+    human_in_the_loop_safe_mode: bool = True
+    sensitive_action_safe_mode: bool = False
    user_timezone: str = "UTC"
    root_execution_id: Optional[str] = None
    parent_execution_id: Optional[str] = None
+    auto_approved_node_ids: set[str] = Field(default_factory=set)


 # -------------------------- Models -------------------------- #
--- a/autogpt_platform/backend/backend/data/graph.py
+++ b/autogpt_platform/backend/backend/data/graph.py
@@ -62,7 +62,23 @@ logger = logging.getLogger(__name__)


 class GraphSettings(BaseModel):
-    human_in_the_loop_safe_mode: bool | None = None
+    human_in_the_loop_safe_mode: bool = True
+    sensitive_action_safe_mode: bool = False
+
+    @classmethod
+    def from_graph(
+        cls,
+        graph: "GraphModel",
+        hitl_safe_mode: bool | None = None,
+        sensitive_action_safe_mode: bool = False,
+    ) -> "GraphSettings":
+        # Default to True if not explicitly set
+        if hitl_safe_mode is None:
+            hitl_safe_mode = True
+        return cls(
+            human_in_the_loop_safe_mode=hitl_safe_mode,
+            sensitive_action_safe_mode=sensitive_action_safe_mode,
+        )


 class Link(BaseDbModel):
@@ -244,10 +260,14 @@ class BaseGraph(BaseDbModel):
        return any(
            node.block_id
            for node in self.nodes
-            if (
-                node.block.block_type == BlockType.HUMAN_IN_THE_LOOP
-                or node.block.requires_human_review
-            )
+            if node.block.block_type == BlockType.HUMAN_IN_THE_LOOP
+        )
+
+    @computed_field
+    @property
+    def has_sensitive_action(self) -> bool:
+        return any(
+            node.block_id for node in self.nodes if node.block.is_sensitive_action
        )

    @property
--- a/autogpt_platform/backend/backend/data/human_review.py
+++ b/autogpt_platform/backend/backend/data/human_review.py
@@ -38,6 +38,7 @@ async def get_or_create_human_review(
    graph_exec_id: str,
    graph_id: str,
    graph_version: int,
+    node_id: str,
    input_data: SafeJsonData,
    message: str,
    editable: bool,
@@ -53,6 +54,7 @@ async def get_or_create_human_review(
        graph_exec_id: ID of the graph execution
        graph_id: ID of the graph template
        graph_version: Version of the graph template
+        node_id: ID of the node in the graph definition
        input_data: The data to be reviewed
        message: Instructions for the reviewer
        editable: Whether the data can be edited
@@ -73,6 +75,7 @@ async def get_or_create_human_review(
                    "graphExecId": graph_exec_id,
                    "graphId": graph_id,
                    "graphVersion": graph_version,
+                    "nodeId": node_id,
                    "payload": SafeJson(input_data),
                    "instructions": message,
                    "editable": editable,
--- a/autogpt_platform/backend/backend/data/human_review_test.py
+++ b/autogpt_platform/backend/backend/data/human_review_test.py
@@ -23,6 +23,7 @@ def sample_db_review():
    mock_review.graphExecId = "test_graph_exec_456"
    mock_review.graphId = "test_graph_789"
    mock_review.graphVersion = 1
+    mock_review.nodeId = "node_def_123"
    mock_review.payload = {"data": "test payload"}
    mock_review.instructions = "Please review"
    mock_review.editable = True
@@ -55,6 +56,7 @@ async def test_get_or_create_human_review_new(
        graph_exec_id="test_graph_exec_456",
        graph_id="test_graph_789",
        graph_version=1,
+        node_id="node_def_123",
        input_data={"data": "test payload"},
        message="Please review",
        editable=True,
@@ -84,6 +86,7 @@ async def test_get_or_create_human_review_approved(
        graph_exec_id="test_graph_exec_456",
        graph_id="test_graph_789",
        graph_version=1,
+        node_id="node_def_123",
        input_data={"data": "test payload"},
        message="Please review",
        editable=True,
@@ -183,6 +186,7 @@ async def test_process_all_reviews_for_execution_success(
    updated_review.graphExecId = "test_graph_exec_456"
    updated_review.graphId = "test_graph_789"
    updated_review.graphVersion = 1
+    updated_review.nodeId = "node_def_123"
    updated_review.payload = {"data": "modified"}
    updated_review.instructions = "Please review"
    updated_review.editable = True
@@ -272,6 +276,7 @@ async def test_process_all_reviews_mixed_approval_rejection(
    second_review.graphExecId = "test_graph_exec_456"
    second_review.graphId = "test_graph_789"
    second_review.graphVersion = 1
+    second_review.nodeId = "node_def_456"
    second_review.payload = {"data": "original"}
    second_review.instructions = "Second review"
    second_review.editable = True
@@ -296,6 +301,7 @@ async def test_process_all_reviews_mixed_approval_rejection(
    approved_review.graphExecId = "test_graph_exec_456"
    approved_review.graphId = "test_graph_789"
    approved_review.graphVersion = 1
+    approved_review.nodeId = "node_def_123"
    approved_review.payload = {"data": "modified"}
    approved_review.instructions = "Please review"
    approved_review.editable = True
@@ -313,6 +319,7 @@ async def test_process_all_reviews_mixed_approval_rejection(
    rejected_review.graphExecId = "test_graph_exec_456"
    rejected_review.graphId = "test_graph_789"
    rejected_review.graphVersion = 1
+    rejected_review.nodeId = "node_def_456"
    rejected_review.payload = {"data": "original"}
    rejected_review.instructions = "Please review"
    rejected_review.editable = True
--- a/autogpt_platform/backend/backend/executor/scheduler.py
+++ b/autogpt_platform/backend/backend/executor/scheduler.py
@@ -309,7 +309,7 @@ def ensure_embeddings_coverage():

        # Process in batches until no more missing embeddings
        while True:
-            result = db_client.backfill_missing_embeddings(batch_size=10)
+            result = db_client.backfill_missing_embeddings(batch_size=100)

            total_processed += result["processed"]
            total_success += result["success"]
--- a/autogpt_platform/backend/backend/executor/utils.py
+++ b/autogpt_platform/backend/backend/executor/utils.py
@@ -873,11 +873,8 @@ async def add_graph_execution(
        settings = await gdb.get_graph_settings(user_id=user_id, graph_id=graph_id)

        execution_context = ExecutionContext(
-            safe_mode=(
-                settings.human_in_the_loop_safe_mode
-                if settings.human_in_the_loop_safe_mode is not None
-                else True
-            ),
+            human_in_the_loop_safe_mode=settings.human_in_the_loop_safe_mode,
+            sensitive_action_safe_mode=settings.sensitive_action_safe_mode,
            user_timezone=(
                user.timezone if user.timezone != USER_TIMEZONE_NOT_SET else "UTC"
            ),
--- a/autogpt_platform/backend/backend/executor/utils_test.py
+++ b/autogpt_platform/backend/backend/executor/utils_test.py
@@ -386,6 +386,7 @@ async def test_add_graph_execution_is_repeatable(mocker: MockerFixture):
    mock_user.timezone = "UTC"
    mock_settings = mocker.MagicMock()
    mock_settings.human_in_the_loop_safe_mode = True
+    mock_settings.sensitive_action_safe_mode = False

    mock_udb.get_user_by_id = mocker.AsyncMock(return_value=mock_user)
    mock_gdb.get_graph_settings = mocker.AsyncMock(return_value=mock_settings)
@@ -651,6 +652,7 @@ async def test_add_graph_execution_with_nodes_to_skip(mocker: MockerFixture):
    mock_user.timezone = "UTC"
    mock_settings = mocker.MagicMock()
    mock_settings.human_in_the_loop_safe_mode = True
+    mock_settings.sensitive_action_safe_mode = False

    mock_udb.get_user_by_id = mocker.AsyncMock(return_value=mock_user)
    mock_gdb.get_graph_settings = mocker.AsyncMock(return_value=mock_settings)
--- a/autogpt_platform/backend/migrations/20260121000000_add_node_id_to_pending_human_review/migration.sql
+++ b/autogpt_platform/backend/migrations/20260121000000_add_node_id_to_pending_human_review/migration.sql
@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "PendingHumanReview" ADD COLUMN "nodeId" TEXT NOT NULL DEFAULT '';
--- a/autogpt_platform/backend/schema.prisma
+++ b/autogpt_platform/backend/schema.prisma
@@ -573,6 +573,7 @@ model PendingHumanReview {
  graphExecId   String
  graphId       String
  graphVersion  Int
+  nodeId        String       // The node ID in the graph definition (for auto-approval tracking)
  payload       Json // The actual payload data to be reviewed
  instructions  String? // Instructions/message for the reviewer
  editable      Boolean      @default(true) // Whether the reviewer can edit the data
--- a/autogpt_platform/backend/scripts/generate_block_docs.py
+++ b/autogpt_platform/backend/scripts/generate_block_docs.py
@@ -366,12 +366,12 @@ def generate_block_markdown(
    lines.append("")

    # What it is (full description)
-    lines.append(f"### What it is")
+    lines.append("### What it is")
    lines.append(block.description or "No description available.")
    lines.append("")

    # How it works (manual section)
-    lines.append(f"### How it works")
+    lines.append("### How it works")
    how_it_works = manual_content.get(
        "how_it_works", "_Add technical explanation here._"
    )
@@ -383,7 +383,7 @@ def generate_block_markdown(
    # Inputs table (auto-generated)
    visible_inputs = [f for f in block.inputs if not f.hidden]
    if visible_inputs:
-        lines.append(f"### Inputs")
+        lines.append("### Inputs")
        lines.append("")
        lines.append("| Input | Description | Type | Required |")
        lines.append("|-------|-------------|------|----------|")
@@ -400,7 +400,7 @@ def generate_block_markdown(
    # Outputs table (auto-generated)
    visible_outputs = [f for f in block.outputs if not f.hidden]
    if visible_outputs:
-        lines.append(f"### Outputs")
+        lines.append("### Outputs")
        lines.append("")
        lines.append("| Output | Description | Type |")
        lines.append("|--------|-------------|------|")
@@ -414,7 +414,7 @@ def generate_block_markdown(
        lines.append("")

    # Possible use case (manual section)
-    lines.append(f"### Possible use case")
+    lines.append("### Possible use case")
    use_case = manual_content.get("use_case", "_Add practical use case examples here._")
    lines.append("<!-- MANUAL: use_case -->")
    lines.append(use_case)
--- a/autogpt_platform/backend/snapshots/grph_single
+++ b/autogpt_platform/backend/snapshots/grph_single
@@ -11,6 +11,7 @@
  "forked_from_version": null,
  "has_external_trigger": false,
  "has_human_in_the_loop": false,
+  "has_sensitive_action": false,
  "id": "graph-123",
  "input_schema": {
    "properties": {},
--- a/autogpt_platform/backend/snapshots/grphs_all
+++ b/autogpt_platform/backend/snapshots/grphs_all
@@ -11,6 +11,7 @@
    "forked_from_version": null,
    "has_external_trigger": false,
    "has_human_in_the_loop": false,
+    "has_sensitive_action": false,
    "id": "graph-123",
    "input_schema": {
      "properties": {},
--- a/autogpt_platform/backend/snapshots/lib_agts_search
+++ b/autogpt_platform/backend/snapshots/lib_agts_search
@@ -27,6 +27,8 @@
        "properties": {}
      },
      "has_external_trigger": false,
+      "has_human_in_the_loop": false,
+      "has_sensitive_action": false,
      "trigger_setup_info": null,
      "new_output": false,
      "can_access_graph": true,
@@ -34,7 +36,8 @@
      "is_favorite": false,
      "recommended_schedule_cron": null,
      "settings": {
-        "human_in_the_loop_safe_mode": null
+        "human_in_the_loop_safe_mode": true,
+        "sensitive_action_safe_mode": false
      },
      "marketplace_listing": null
    },
@@ -65,6 +68,8 @@
        "properties": {}
      },
      "has_external_trigger": false,
+      "has_human_in_the_loop": false,
+      "has_sensitive_action": false,
      "trigger_setup_info": null,
      "new_output": false,
      "can_access_graph": false,
@@ -72,7 +77,8 @@
      "is_favorite": false,
      "recommended_schedule_cron": null,
      "settings": {
-        "human_in_the_loop_safe_mode": null
+        "human_in_the_loop_safe_mode": true,
+        "sensitive_action_safe_mode": false
      },
      "marketplace_listing": null
    }
--- a/autogpt_platform/frontend/src/app/(platform)/build/components/FloatingSafeModeToogle.tsx
+++ b/autogpt_platform/frontend/src/app/(platform)/build/components/FloatingSafeModeToogle.tsx
@@ -18,69 +18,110 @@ interface Props {
  fullWidth?: boolean;
 }

+interface SafeModeButtonProps {
+  isEnabled: boolean;
+  label: string;
+  tooltipEnabled: string;
+  tooltipDisabled: string;
+  onToggle: () => void;
+  isPending: boolean;
+  fullWidth?: boolean;
+}
+
+function SafeModeButton({
+  isEnabled,
+  label,
+  tooltipEnabled,
+  tooltipDisabled,
+  onToggle,
+  isPending,
+  fullWidth = false,
+}: SafeModeButtonProps) {
+  return (
+    <Tooltip delayDuration={100}>
+      <TooltipTrigger asChild>
+        <Button
+          variant={isEnabled ? "primary" : "outline"}
+          size="small"
+          onClick={onToggle}
+          disabled={isPending}
+          className={cn("justify-start", fullWidth ? "w-full" : "")}
+        >
+          {isEnabled ? (
+            <>
+              <ShieldCheckIcon weight="bold" size={16} />
+              <Text variant="body" className="text-zinc-200">
+                {label}: ON
+              </Text>
+            </>
+          ) : (
+            <>
+              <ShieldIcon weight="bold" size={16} />
+              <Text variant="body" className="text-zinc-600">
+                {label}: OFF
+              </Text>
+            </>
+          )}
+        </Button>
+      </TooltipTrigger>
+      <TooltipContent>
+        <div className="text-center">
+          <div className="font-medium">
+            {label}: {isEnabled ? "ON" : "OFF"}
+          </div>
+          <div className="mt-1 text-xs text-muted-foreground">
+            {isEnabled ? tooltipEnabled : tooltipDisabled}
+          </div>
+        </div>
+      </TooltipContent>
+    </Tooltip>
+  );
+}
+
 export function FloatingSafeModeToggle({
  graph,
  className,
  fullWidth = false,
 }: Props) {
  const {
-    currentSafeMode,
+    currentHITLSafeMode,
+    showHITLToggle,
+    handleHITLToggle,
+    currentSensitiveActionSafeMode,
+    showSensitiveActionToggle,
+    handleSensitiveActionToggle,
    isPending,
    shouldShowToggle,
-    isStateUndetermined,
-    handleToggle,
  } = useAgentSafeMode(graph);

-  if (!shouldShowToggle || isStateUndetermined || isPending) {
+  if (!shouldShowToggle || isPending) {
    return null;
  }

  return (
-    <div className={cn("fixed z-50", className)}>
-      <Tooltip delayDuration={100}>
-        <TooltipTrigger asChild>
-          <Button
-            variant={currentSafeMode! ? "primary" : "outline"}
-            key={graph.id}
-            size="small"
-            title={
-              currentSafeMode!
-                ? "Safe Mode: ON. Human in the loop blocks require manual review"
-                : "Safe Mode: OFF. Human in the loop blocks proceed automatically"
-            }
-            onClick={handleToggle}
-            className={cn(fullWidth ? "w-full" : "")}
-          >
-            {currentSafeMode! ? (
-              <>
-                <ShieldCheckIcon weight="bold" size={16} />
-                <Text variant="body" className="text-zinc-200">
-                  Safe Mode: ON
-                </Text>
-              </>
-            ) : (
-              <>
-                <ShieldIcon weight="bold" size={16} />
-                <Text variant="body" className="text-zinc-600">
-                  Safe Mode: OFF
-                </Text>
-              </>
-            )}
-          </Button>
-        </TooltipTrigger>
-        <TooltipContent>
-          <div className="text-center">
-            <div className="font-medium">
-              Safe Mode: {currentSafeMode! ? "ON" : "OFF"}
-            </div>
-            <div className="mt-1 text-xs text-muted-foreground">
-              {currentSafeMode!
-                ? "Human in the loop blocks require manual review"
-                : "Human in the loop blocks proceed automatically"}
-            </div>
-          </div>
-        </TooltipContent>
-      </Tooltip>
+    <div className={cn("fixed z-50 flex flex-col gap-2", className)}>
+      {showHITLToggle && (
+        <SafeModeButton
+          isEnabled={currentHITLSafeMode}
+          label="Human in the loop block approval"
+          tooltipEnabled="The agent will pause at human-in-the-loop blocks and wait for your approval"
+          tooltipDisabled="Human in the loop blocks will proceed automatically"
+          onToggle={handleHITLToggle}
+          isPending={isPending}
+          fullWidth={fullWidth}
+        />
+      )}
+      {showSensitiveActionToggle && (
+        <SafeModeButton
+          isEnabled={currentSensitiveActionSafeMode}
+          label="Sensitive actions blocks approval"
+          tooltipEnabled="The agent will pause at sensitive action blocks and wait for your approval"
+          tooltipDisabled="Sensitive action blocks will proceed automatically"
+          onToggle={handleSensitiveActionToggle}
+          isPending={isPending}
+          fullWidth={fullWidth}
+        />
+      )}
    </div>
  );
 }
--- a/autogpt_platform/frontend/src/app/(platform)/library/agents/[id]/components/NewAgentLibraryView/components/modals/AgentSettingsModal/AgentSettingsModal.tsx
+++ b/autogpt_platform/frontend/src/app/(platform)/library/agents/[id]/components/NewAgentLibraryView/components/modals/AgentSettingsModal/AgentSettingsModal.tsx
@@ -31,10 +31,18 @@ export function AgentSettingsModal({
    }
  }

-  const { currentSafeMode, isPending, hasHITLBlocks, handleToggle } =
-    useAgentSafeMode(agent);
+  const {
+    currentHITLSafeMode,
+    showHITLToggle,
+    handleHITLToggle,
+    currentSensitiveActionSafeMode,
+    showSensitiveActionToggle,
+    handleSensitiveActionToggle,
+    isPending,
+    shouldShowToggle,
+  } = useAgentSafeMode(agent);

-  if (!hasHITLBlocks) return null;
+  if (!shouldShowToggle) return null;

  return (
    <Dialog
@@ -57,23 +65,48 @@ export function AgentSettingsModal({
      )}
      <Dialog.Content>
        <div className="space-y-6">
-          <div className="flex w-full flex-col items-start gap-4 rounded-xl border border-zinc-100 bg-white p-6">
-            <div className="flex w-full items-start justify-between gap-4">
-              <div className="flex-1">
-                <Text variant="large-semibold">Require human approval</Text>
-                <Text variant="large" className="mt-1 text-zinc-900">
-                  The agent will pause and wait for your review before
-                  continuing
-                </Text>
+          {showHITLToggle && (
+            <div className="flex w-full flex-col items-start gap-4 rounded-xl border border-zinc-100 bg-white p-6">
+              <div className="flex w-full items-start justify-between gap-4">
+                <div className="flex-1">
+                  <Text variant="large-semibold">
+                    Human-in-the-loop approval
+                  </Text>
+                  <Text variant="large" className="mt-1 text-zinc-900">
+                    The agent will pause at human-in-the-loop blocks and wait
+                    for your review before continuing
+                  </Text>
+                </div>
+                <Switch
+                  checked={currentHITLSafeMode || false}
+                  onCheckedChange={handleHITLToggle}
+                  disabled={isPending}
+                  className="mt-1"
+                />
              </div>
-              <Switch
-                checked={currentSafeMode || false}
-                onCheckedChange={handleToggle}
-                disabled={isPending}
-                className="mt-1"
-              />
            </div>
-          </div>
+          )}
+          {showSensitiveActionToggle && (
+            <div className="flex w-full flex-col items-start gap-4 rounded-xl border border-zinc-100 bg-white p-6">
+              <div className="flex w-full items-start justify-between gap-4">
+                <div className="flex-1">
+                  <Text variant="large-semibold">
+                    Sensitive action approval
+                  </Text>
+                  <Text variant="large" className="mt-1 text-zinc-900">
+                    The agent will pause at sensitive action blocks and wait for
+                    your review before continuing
+                  </Text>
+                </div>
+                <Switch
+                  checked={currentSensitiveActionSafeMode}
+                  onCheckedChange={handleSensitiveActionToggle}
+                  disabled={isPending}
+                  className="mt-1"
+                />
+              </div>
+            </div>
+          )}
        </div>
      </Dialog.Content>
    </Dialog>
--- a/autogpt_platform/frontend/src/app/(platform)/library/agents/[id]/components/NewAgentLibraryView/components/modals/RunAgentModal/RunAgentModal.tsx
+++ b/autogpt_platform/frontend/src/app/(platform)/library/agents/[id]/components/NewAgentLibraryView/components/modals/RunAgentModal/RunAgentModal.tsx
@@ -14,6 +14,10 @@ import {
 import { Dialog } from "@/components/molecules/Dialog/Dialog";
 import { useEffect, useRef, useState } from "react";
 import { ScheduleAgentModal } from "../ScheduleAgentModal/ScheduleAgentModal";
+import {
+  AIAgentSafetyPopup,
+  useAIAgentSafetyPopup,
+} from "./components/AIAgentSafetyPopup/AIAgentSafetyPopup";
 import { ModalHeader } from "./components/ModalHeader/ModalHeader";
 import { ModalRunSection } from "./components/ModalRunSection/ModalRunSection";
 import { RunActions } from "./components/RunActions/RunActions";
@@ -83,8 +87,17 @@ export function RunAgentModal({

  const [isScheduleModalOpen, setIsScheduleModalOpen] = useState(false);
  const [hasOverflow, setHasOverflow] = useState(false);
+  const [isSafetyPopupOpen, setIsSafetyPopupOpen] = useState(false);
+  const [pendingRunAction, setPendingRunAction] = useState<(() => void) | null>(
+    null,
+  );
  const contentRef = useRef<HTMLDivElement>(null);

+  const { shouldShowPopup, dismissPopup } = useAIAgentSafetyPopup(
+    agent.has_sensitive_action,
+    agent.has_human_in_the_loop,
+  );
+
  const hasAnySetupFields =
    Object.keys(agentInputFields || {}).length > 0 ||
    Object.keys(agentCredentialsInputFields || {}).length > 0;
@@ -165,6 +178,24 @@ export function RunAgentModal({
    onScheduleCreated?.(schedule);
  }

+  function handleRunWithSafetyCheck() {
+    if (shouldShowPopup) {
+      setPendingRunAction(() => handleRun);
+      setIsSafetyPopupOpen(true);
+    } else {
+      handleRun();
+    }
+  }
+
+  function handleSafetyPopupAcknowledge() {
+    setIsSafetyPopupOpen(false);
+    dismissPopup();
+    if (pendingRunAction) {
+      pendingRunAction();
+      setPendingRunAction(null);
+    }
+  }
+
  return (
    <>
      <Dialog
@@ -248,7 +279,7 @@ export function RunAgentModal({
                )}
                <RunActions
                  defaultRunType={defaultRunType}
-                  onRun={handleRun}
+                  onRun={handleRunWithSafetyCheck}
                  isExecuting={isExecuting}
                  isSettingUpTrigger={isSettingUpTrigger}
                  isRunReady={allRequiredInputsAreSet}
@@ -266,6 +297,11 @@ export function RunAgentModal({
          </div>
        </Dialog.Content>
      </Dialog>
+
+      <AIAgentSafetyPopup
+        isOpen={isSafetyPopupOpen}
+        onAcknowledge={handleSafetyPopupAcknowledge}
+      />
    </>
  );
 }
--- a/autogpt_platform/frontend/src/app/(platform)/library/agents/[id]/components/NewAgentLibraryView/components/modals/RunAgentModal/components/AIAgentSafetyPopup/AIAgentSafetyPopup.tsx
+++ b/autogpt_platform/frontend/src/app/(platform)/library/agents/[id]/components/NewAgentLibraryView/components/modals/RunAgentModal/components/AIAgentSafetyPopup/AIAgentSafetyPopup.tsx
@@ -0,0 +1,95 @@
+"use client";
+
+import { Button } from "@/components/atoms/Button/Button";
+import { Text } from "@/components/atoms/Text/Text";
+import { Dialog } from "@/components/molecules/Dialog/Dialog";
+import { Key, storage } from "@/services/storage/local-storage";
+import { ShieldCheckIcon } from "@phosphor-icons/react";
+import { useCallback, useEffect, useState } from "react";
+
+interface Props {
+  onAcknowledge: () => void;
+  isOpen: boolean;
+}
+
+export function AIAgentSafetyPopup({ onAcknowledge, isOpen }: Props) {
+  function handleAcknowledge() {
+    // Mark popup as shown so it won't appear again
+    storage.set(Key.AI_AGENT_SAFETY_POPUP_SHOWN, "true");
+    onAcknowledge();
+  }
+
+  if (!isOpen) return null;
+
+  return (
+    <Dialog
+      controlled={{ isOpen, set: () => {} }}
+      styling={{ maxWidth: "480px" }}
+    >
+      <Dialog.Content>
+        <div className="flex flex-col items-center p-6 text-center">
+          <div className="mb-6 flex h-16 w-16 items-center justify-center rounded-full bg-blue-50">
+            <ShieldCheckIcon
+              weight="fill"
+              size={32}
+              className="text-blue-600"
+            />
+          </div>
+
+          <Text variant="h3" className="mb-4">
+            Safety Checks Enabled
+          </Text>
+
+          <Text variant="body" className="mb-2 text-zinc-700">
+            AI-generated agents may take actions that affect your data or
+            external systems.
+          </Text>
+
+          <Text variant="body" className="mb-8 text-zinc-700">
+            AutoGPT includes safety checks so you&apos;ll always have the
+            opportunity to review and approve sensitive actions before they
+            happen.
+          </Text>
+
+          <Button
+            variant="primary"
+            size="large"
+            className="w-full"
+            onClick={handleAcknowledge}
+          >
+            Got it
+          </Button>
+        </div>
+      </Dialog.Content>
+    </Dialog>
+  );
+}
+
+export function useAIAgentSafetyPopup(
+  hasSensitiveAction: boolean,
+  hasHumanInTheLoop: boolean,
+) {
+  const [shouldShowPopup, setShouldShowPopup] = useState(false);
+  const [hasChecked, setHasChecked] = useState(false);
+
+  useEffect(() => {
+    // Only check once after mount (to avoid SSR issues)
+    if (hasChecked) return;
+
+    const hasSeenPopup =
+      storage.get(Key.AI_AGENT_SAFETY_POPUP_SHOWN) === "true";
+    const isRelevantAgent = hasSensitiveAction || hasHumanInTheLoop;
+
+    setShouldShowPopup(!hasSeenPopup && isRelevantAgent);
+    setHasChecked(true);
+  }, [hasSensitiveAction, hasHumanInTheLoop, hasChecked]);
+
+  const dismissPopup = useCallback(() => {
+    setShouldShowPopup(false);
+  }, []);
+
+  return {
+    shouldShowPopup,
+    dismissPopup,
+  };
+}
--- a/autogpt_platform/frontend/src/app/(platform)/library/agents/[id]/components/NewAgentLibraryView/components/selected-views/SelectedRunView/components/SafeModeToggle.tsx
+++ b/autogpt_platform/frontend/src/app/(platform)/library/agents/[id]/components/NewAgentLibraryView/components/selected-views/SelectedRunView/components/SafeModeToggle.tsx
@@ -5,48 +5,104 @@ import { Graph } from "@/lib/autogpt-server-api/types";
 import { cn } from "@/lib/utils";
 import { ShieldCheckIcon, ShieldIcon } from "@phosphor-icons/react";
 import { useAgentSafeMode } from "@/hooks/useAgentSafeMode";
+import {
+  Tooltip,
+  TooltipContent,
+  TooltipTrigger,
+} from "@/components/atoms/Tooltip/BaseTooltip";

 interface Props {
  graph: GraphModel | LibraryAgent | Graph;
  className?: string;
-  fullWidth?: boolean;
 }

-export function SafeModeToggle({ graph }: Props) {
+interface SafeModeIconButtonProps {
+  isEnabled: boolean;
+  label: string;
+  tooltipEnabled: string;
+  tooltipDisabled: string;
+  onToggle: () => void;
+  isPending: boolean;
+}
+
+function SafeModeIconButton({
+  isEnabled,
+  label,
+  tooltipEnabled,
+  tooltipDisabled,
+  onToggle,
+  isPending,
+}: SafeModeIconButtonProps) {
+  return (
+    <Tooltip delayDuration={100}>
+      <TooltipTrigger asChild>
+        <Button
+          variant="icon"
+          size="icon"
+          aria-label={`${label}: ${isEnabled ? "ON" : "OFF"}. ${isEnabled ? tooltipEnabled : tooltipDisabled}`}
+          onClick={onToggle}
+          disabled={isPending}
+          className={cn(isPending ? "opacity-0" : "opacity-100")}
+        >
+          {isEnabled ? (
+            <ShieldCheckIcon weight="bold" size={16} />
+          ) : (
+            <ShieldIcon weight="bold" size={16} />
+          )}
+        </Button>
+      </TooltipTrigger>
+      <TooltipContent>
+        <div className="text-center">
+          <div className="font-medium">
+            {label}: {isEnabled ? "ON" : "OFF"}
+          </div>
+          <div className="mt-1 text-xs text-muted-foreground">
+            {isEnabled ? tooltipEnabled : tooltipDisabled}
+          </div>
+        </div>
+      </TooltipContent>
+    </Tooltip>
+  );
+}
+
+export function SafeModeToggle({ graph, className }: Props) {
  const {
-    currentSafeMode,
+    currentHITLSafeMode,
+    showHITLToggle,
+    handleHITLToggle,
+    currentSensitiveActionSafeMode,
+    showSensitiveActionToggle,
+    handleSensitiveActionToggle,
    isPending,
    shouldShowToggle,
-    isStateUndetermined,
-    handleToggle,
  } = useAgentSafeMode(graph);

-  if (!shouldShowToggle || isStateUndetermined) {
+  if (!shouldShowToggle) {
    return null;
  }

  return (
-    <Button
-      variant="icon"
-      key={graph.id}
-      size="icon"
-      aria-label={
-        currentSafeMode!
-          ? "Safe Mode: ON. Human in the loop blocks require manual review"
-          : "Safe Mode: OFF. Human in the loop blocks proceed automatically"
-      }
-      onClick={handleToggle}
-      className={cn(isPending ? "opacity-0" : "opacity-100")}
-    >
-      {currentSafeMode! ? (
-        <>
-          <ShieldCheckIcon weight="bold" size={16} />
-        </>
-      ) : (
-        <>
-          <ShieldIcon weight="bold" size={16} />
-        </>
+    <div className={cn("flex gap-1", className)}>
+      {showHITLToggle && (
+        <SafeModeIconButton
+          isEnabled={currentHITLSafeMode}
+          label="Human-in-the-loop"
+          tooltipEnabled="The agent will pause at human-in-the-loop blocks and wait for your approval"
+          tooltipDisabled="Human-in-the-loop blocks will proceed automatically"
+          onToggle={handleHITLToggle}
+          isPending={isPending}
+        />
      )}
-    </Button>
+      {showSensitiveActionToggle && (
+        <SafeModeIconButton
+          isEnabled={currentSensitiveActionSafeMode}
+          label="Sensitive actions"
+          tooltipEnabled="The agent will pause at sensitive action blocks and wait for your approval"
+          tooltipDisabled="Sensitive action blocks will proceed automatically"
+          onToggle={handleSensitiveActionToggle}
+          isPending={isPending}
+        />
+      )}
+    </div>
  );
 }
--- a/autogpt_platform/frontend/src/app/(platform)/library/agents/[id]/components/NewAgentLibraryView/components/selected-views/SelectedSettingsView/SelectedSettingsView.tsx
+++ b/autogpt_platform/frontend/src/app/(platform)/library/agents/[id]/components/NewAgentLibraryView/components/selected-views/SelectedSettingsView/SelectedSettingsView.tsx
@@ -13,8 +13,16 @@ interface Props {
 }

 export function SelectedSettingsView({ agent, onClearSelectedRun }: Props) {
-  const { currentSafeMode, isPending, hasHITLBlocks, handleToggle } =
-    useAgentSafeMode(agent);
+  const {
+    currentHITLSafeMode,
+    showHITLToggle,
+    handleHITLToggle,
+    currentSensitiveActionSafeMode,
+    showSensitiveActionToggle,
+    handleSensitiveActionToggle,
+    isPending,
+    shouldShowToggle,
+  } = useAgentSafeMode(agent);

  return (
    <SelectedViewLayout agent={agent}>
@@ -34,24 +42,51 @@ export function SelectedSettingsView({ agent, onClearSelectedRun }: Props) {
        </div>

        <div className={`${AGENT_LIBRARY_SECTION_PADDING_X} space-y-6`}>
-          {hasHITLBlocks ? (
-            <div className="flex w-full max-w-2xl flex-col items-start gap-4 rounded-xl border border-zinc-100 bg-white p-6">
-              <div className="flex w-full items-start justify-between gap-4">
-                <div className="flex-1">
-                  <Text variant="large-semibold">Require human approval</Text>
-                  <Text variant="large" className="mt-1 text-zinc-900">
-                    The agent will pause and wait for your review before
-                    continuing
-                  </Text>
+          {shouldShowToggle ? (
+            <>
+              {showHITLToggle && (
+                <div className="flex w-full max-w-2xl flex-col items-start gap-4 rounded-xl border border-zinc-100 bg-white p-6">
+                  <div className="flex w-full items-start justify-between gap-4">
+                    <div className="flex-1">
+                      <Text variant="large-semibold">
+                        Human-in-the-loop approval
+                      </Text>
+                      <Text variant="large" className="mt-1 text-zinc-900">
+                        The agent will pause at human-in-the-loop blocks and
+                        wait for your review before continuing
+                      </Text>
+                    </div>
+                    <Switch
+                      checked={currentHITLSafeMode || false}
+                      onCheckedChange={handleHITLToggle}
+                      disabled={isPending}
+                      className="mt-1"
+                    />
+                  </div>
                </div>
-                <Switch
-                  checked={currentSafeMode || false}
-                  onCheckedChange={handleToggle}
-                  disabled={isPending}
-                  className="mt-1"
-                />
-              </div>
-            </div>
+              )}
+              {showSensitiveActionToggle && (
+                <div className="flex w-full max-w-2xl flex-col items-start gap-4 rounded-xl border border-zinc-100 bg-white p-6">
+                  <div className="flex w-full items-start justify-between gap-4">
+                    <div className="flex-1">
+                      <Text variant="large-semibold">
+                        Sensitive action approval
+                      </Text>
+                      <Text variant="large" className="mt-1 text-zinc-900">
+                        The agent will pause at sensitive action blocks and wait
+                        for your review before continuing
+                      </Text>
+                    </div>
+                    <Switch
+                      checked={currentSensitiveActionSafeMode}
+                      onCheckedChange={handleSensitiveActionToggle}
+                      disabled={isPending}
+                      className="mt-1"
+                    />
+                  </div>
+                </div>
+              )}
+            </>
          ) : (
            <div className="rounded-xl border border-zinc-100 bg-white p-6">
              <Text variant="body" className="text-muted-foreground">
--- a/autogpt_platform/frontend/src/app/api/openapi.json
+++ b/autogpt_platform/frontend/src/app/api/openapi.json
@@ -6383,6 +6383,11 @@
            "title": "Has Human In The Loop",
            "readOnly": true
          },
+          "has_sensitive_action": {
+            "type": "boolean",
+            "title": "Has Sensitive Action",
+            "readOnly": true
+          },
          "trigger_setup_info": {
            "anyOf": [
              { "$ref": "#/components/schemas/GraphTriggerInfo" },
@@ -6399,6 +6404,7 @@
          "output_schema",
          "has_external_trigger",
          "has_human_in_the_loop",
+          "has_sensitive_action",
          "trigger_setup_info"
        ],
        "title": "BaseGraph"
@@ -7629,6 +7635,11 @@
            "title": "Has Human In The Loop",
            "readOnly": true
          },
+          "has_sensitive_action": {
+            "type": "boolean",
+            "title": "Has Sensitive Action",
+            "readOnly": true
+          },
          "trigger_setup_info": {
            "anyOf": [
              { "$ref": "#/components/schemas/GraphTriggerInfo" },
@@ -7652,6 +7663,7 @@
          "output_schema",
          "has_external_trigger",
          "has_human_in_the_loop",
+          "has_sensitive_action",
          "trigger_setup_info",
          "credentials_input_schema"
        ],
@@ -7730,6 +7742,11 @@
            "title": "Has Human In The Loop",
            "readOnly": true
          },
+          "has_sensitive_action": {
+            "type": "boolean",
+            "title": "Has Sensitive Action",
+            "readOnly": true
+          },
          "trigger_setup_info": {
            "anyOf": [
              { "$ref": "#/components/schemas/GraphTriggerInfo" },
@@ -7754,6 +7771,7 @@
          "output_schema",
          "has_external_trigger",
          "has_human_in_the_loop",
+          "has_sensitive_action",
          "trigger_setup_info",
          "credentials_input_schema"
        ],
@@ -7762,8 +7780,14 @@
      "GraphSettings": {
        "properties": {
          "human_in_the_loop_safe_mode": {
-            "anyOf": [{ "type": "boolean" }, { "type": "null" }],
-            "title": "Human In The Loop Safe Mode"
+            "type": "boolean",
+            "title": "Human In The Loop Safe Mode",
+            "default": true
+          },
+          "sensitive_action_safe_mode": {
+            "type": "boolean",
+            "title": "Sensitive Action Safe Mode",
+            "default": false
          }
        },
        "type": "object",
@@ -7921,6 +7945,16 @@
            "title": "Has External Trigger",
            "description": "Whether the agent has an external trigger (e.g. webhook) node"
          },
+          "has_human_in_the_loop": {
+            "type": "boolean",
+            "title": "Has Human In The Loop",
+            "description": "Whether the agent has human-in-the-loop blocks"
+          },
+          "has_sensitive_action": {
+            "type": "boolean",
+            "title": "Has Sensitive Action",
+            "description": "Whether the agent has sensitive action blocks"
+          },
          "trigger_setup_info": {
            "anyOf": [
              { "$ref": "#/components/schemas/GraphTriggerInfo" },
@@ -7967,6 +8001,8 @@
          "output_schema",
          "credentials_input_schema",
          "has_external_trigger",
+          "has_human_in_the_loop",
+          "has_sensitive_action",
          "new_output",
          "can_access_graph",
          "is_latest_version",
@@ -8793,6 +8829,11 @@
            "title": "Graph Version",
            "description": "Graph version"
          },
+          "node_id": {
+            "type": "string",
+            "title": "Node Id",
+            "description": "Node ID in the graph definition"
+          },
          "payload": {
            "anyOf": [
              { "additionalProperties": true, "type": "object" },
@@ -8866,6 +8907,7 @@
          "graph_exec_id",
          "graph_id",
          "graph_version",
+          "node_id",
          "payload",
          "editable",
          "status",
@@ -9389,6 +9431,12 @@
            "type": "array",
            "title": "Reviews",
            "description": "All reviews with their approval status, data, and messages"
+          },
+          "auto_approve_node_ids": {
+            "items": { "type": "string" },
+            "type": "array",
+            "title": "Auto Approve Node Ids",
+            "description": "List of node IDs (from the graph definition) to auto-approve for the remainder of this execution. Future reviews from these specific nodes will be automatically approved. This only affects the current execution run."
          }
        },
        "type": "object",
--- a/autogpt_platform/frontend/src/components/organisms/PendingReviewsList/PendingReviewsList.tsx
+++ b/autogpt_platform/frontend/src/components/organisms/PendingReviewsList/PendingReviewsList.tsx
@@ -37,7 +37,7 @@ export function PendingReviewsList({
  >({});

  const [pendingAction, setPendingAction] = useState<
-    "approve" | "reject" | null
+    "approve" | "approve-all" | "reject" | null
  >(null);

  const { toast } = useToast();
@@ -92,7 +92,10 @@ export function PendingReviewsList({
    setReviewMessageMap((prev) => ({ ...prev, [nodeExecId]: message }));
  }

-  function processReviews(approved: boolean) {
+  function processReviews(
+    approved: boolean,
+    autoApproveFutureActions: boolean = false,
+  ) {
    if (reviews.length === 0) {
      toast({
        title: "No reviews to process",
@@ -102,7 +105,13 @@ export function PendingReviewsList({
      return;
    }

-    setPendingAction(approved ? "approve" : "reject");
+    setPendingAction(
+      autoApproveFutureActions
+        ? "approve-all"
+        : approved
+          ? "approve"
+          : "reject",
+    );
    const reviewItems = [];

    for (const review of reviews) {
@@ -134,9 +143,15 @@ export function PendingReviewsList({
      });
    }

+    // Collect unique node_ids if auto-approving future actions
+    const autoApproveNodeIds = autoApproveFutureActions
+      ? [...new Set(reviews.map((r) => r.node_id))]
+      : [];
+
    reviewActionMutation.mutate({
      data: {
        reviews: reviewItems,
+        auto_approve_node_ids: autoApproveNodeIds,
      },
    });
  }
@@ -191,12 +206,8 @@ export function PendingReviewsList({
        ))}
      </div>

-      <div className="space-y-7">
-        <Text variant="body" className="text-textGrey">
-          Note: Changes you make here apply only to this task
-        </Text>
-
-        <div className="flex gap-2">
+      <div className="space-y-4">
+        <div className="flex flex-wrap gap-2">
          <Button
            onClick={() => processReviews(true)}
            disabled={reviewActionMutation.isPending || reviews.length === 0}
@@ -208,6 +219,17 @@ export function PendingReviewsList({
          >
            Approve
          </Button>
+          <Button
+            onClick={() => processReviews(true, true)}
+            disabled={reviewActionMutation.isPending || reviews.length === 0}
+            variant="secondary"
+            className="flex items-center justify-center gap-2 rounded-full px-4 py-3"
+            loading={
+              pendingAction === "approve-all" && reviewActionMutation.isPending
+            }
+          >
+            Approve all future actions
+          </Button>
          <Button
            onClick={() => processReviews(false)}
            disabled={reviewActionMutation.isPending || reviews.length === 0}
@@ -220,6 +242,11 @@ export function PendingReviewsList({
            Reject
          </Button>
        </div>
+
+        <Text variant="small" className="text-textGrey">
+          You can turn auto-approval on or off anytime in this agent&apos;s
+          settings.
+        </Text>
      </div>
    </div>
  );
--- a/autogpt_platform/frontend/src/hooks/useAgentSafeMode.ts
+++ b/autogpt_platform/frontend/src/hooks/useAgentSafeMode.ts
@@ -20,11 +20,15 @@ function hasHITLBlocks(graph: GraphModel | LibraryAgent | Graph): boolean {
  if ("has_human_in_the_loop" in graph) {
    return !!graph.has_human_in_the_loop;
  }
+  return false;
+}

-  if (isLibraryAgent(graph)) {
-    return graph.settings?.human_in_the_loop_safe_mode !== null;
+function hasSensitiveActionBlocks(
+  graph: GraphModel | LibraryAgent | Graph,
+): boolean {
+  if ("has_sensitive_action" in graph) {
+    return !!graph.has_sensitive_action;
  }
-
  return false;
 }

@@ -40,7 +44,9 @@ export function useAgentSafeMode(graph: GraphModel | LibraryAgent | Graph) {

  const graphId = getGraphId(graph);
  const isAgent = isLibraryAgent(graph);
-  const shouldShowToggle = hasHITLBlocks(graph);
+  const showHITLToggle = hasHITLBlocks(graph);
+  const showSensitiveActionToggle = hasSensitiveActionBlocks(graph);
+  const shouldShowToggle = showHITLToggle || showSensitiveActionToggle;

  const { mutateAsync: updateGraphSettings, isPending } =
    usePatchV1UpdateGraphSettings();
@@ -56,27 +62,37 @@ export function useAgentSafeMode(graph: GraphModel | LibraryAgent | Graph) {
    },
  );

-  const [localSafeMode, setLocalSafeMode] = useState<boolean | null>(null);
+  const [localHITLSafeMode, setLocalHITLSafeMode] = useState<boolean>(true);
+  const [localSensitiveActionSafeMode, setLocalSensitiveActionSafeMode] =
+    useState<boolean>(false);
+  const [isLocalStateLoaded, setIsLocalStateLoaded] = useState<boolean>(false);

  useEffect(() => {
    if (!isAgent && libraryAgent) {
-      const backendValue = libraryAgent.settings?.human_in_the_loop_safe_mode;
-      if (backendValue !== undefined) {
-        setLocalSafeMode(backendValue);
-      }
+      setLocalHITLSafeMode(
+        libraryAgent.settings?.human_in_the_loop_safe_mode ?? true,
+      );
+      setLocalSensitiveActionSafeMode(
+        libraryAgent.settings?.sensitive_action_safe_mode ?? false,
+      );
+      setIsLocalStateLoaded(true);
    }
  }, [isAgent, libraryAgent]);

-  const currentSafeMode = isAgent
-    ? graph.settings?.human_in_the_loop_safe_mode
-    : localSafeMode;
+  const currentHITLSafeMode = isAgent
+    ? (graph.settings?.human_in_the_loop_safe_mode ?? true)
+    : localHITLSafeMode;

-  const isStateUndetermined = isAgent
-    ? graph.settings?.human_in_the_loop_safe_mode == null
-    : isLoading || localSafeMode === null;
+  const currentSensitiveActionSafeMode = isAgent
+    ? (graph.settings?.sensitive_action_safe_mode ?? false)
+    : localSensitiveActionSafeMode;

-  const handleToggle = useCallback(async () => {
-    const newSafeMode = !currentSafeMode;
+  const isHITLStateUndetermined = isAgent
+    ? false
+    : isLoading || !isLocalStateLoaded;
+
+  const handleHITLToggle = useCallback(async () => {
+    const newSafeMode = !currentHITLSafeMode;

    try {
      await updateGraphSettings({
@@ -85,7 +101,7 @@ export function useAgentSafeMode(graph: GraphModel | LibraryAgent | Graph) {
      });

      if (!isAgent) {
-        setLocalSafeMode(newSafeMode);
+        setLocalHITLSafeMode(newSafeMode);
      }

      if (isAgent) {
@@ -101,37 +117,62 @@ export function useAgentSafeMode(graph: GraphModel | LibraryAgent | Graph) {
      queryClient.invalidateQueries({ queryKey: ["v2", "executions"] });

      toast({
-        title: `Safe mode ${newSafeMode ? "enabled" : "disabled"}`,
+        title: `HITL safe mode ${newSafeMode ? "enabled" : "disabled"}`,
        description: newSafeMode
          ? "Human-in-the-loop blocks will require manual review"
          : "Human-in-the-loop blocks will proceed automatically",
        duration: 2000,
      });
    } catch (error) {
-      const isNotFoundError =
-        error instanceof Error &&
-        (error.message.includes("404") || error.message.includes("not found"));
-
-      if (!isAgent && isNotFoundError) {
-        toast({
-          title: "Safe mode not available",
-          description:
-            "To configure safe mode, please save this graph to your library first.",
-          variant: "destructive",
-        });
-      } else {
-        toast({
-          title: "Failed to update safe mode",
-          description:
-            error instanceof Error
-              ? error.message
-              : "An unexpected error occurred.",
-          variant: "destructive",
-        });
-      }
+      handleToggleError(error, isAgent, toast);
    }
  }, [
-    currentSafeMode,
+    currentHITLSafeMode,
+    graphId,
+    isAgent,
+    graph.id,
+    updateGraphSettings,
+    queryClient,
+    toast,
+  ]);
+
+  const handleSensitiveActionToggle = useCallback(async () => {
+    const newSafeMode = !currentSensitiveActionSafeMode;
+
+    try {
+      await updateGraphSettings({
+        graphId,
+        data: { sensitive_action_safe_mode: newSafeMode },
+      });
+
+      if (!isAgent) {
+        setLocalSensitiveActionSafeMode(newSafeMode);
+      }
+
+      if (isAgent) {
+        queryClient.invalidateQueries({
+          queryKey: getGetV2GetLibraryAgentQueryOptions(graph.id.toString())
+            .queryKey,
+        });
+      }
+
+      queryClient.invalidateQueries({
+        queryKey: ["v1", "graphs", graphId, "executions"],
+      });
+      queryClient.invalidateQueries({ queryKey: ["v2", "executions"] });
+
+      toast({
+        title: `Sensitive action safe mode ${newSafeMode ? "enabled" : "disabled"}`,
+        description: newSafeMode
+          ? "Sensitive action blocks will require manual review"
+          : "Sensitive action blocks will proceed automatically",
+        duration: 2000,
+      });
+    } catch (error) {
+      handleToggleError(error, isAgent, toast);
+    }
+  }, [
+    currentSensitiveActionSafeMode,
    graphId,
    isAgent,
    graph.id,
@@ -141,11 +182,53 @@ export function useAgentSafeMode(graph: GraphModel | LibraryAgent | Graph) {
  ]);

  return {
-    currentSafeMode,
+    // HITL safe mode
+    currentHITLSafeMode,
+    showHITLToggle,
+    isHITLStateUndetermined,
+    handleHITLToggle,
+
+    // Sensitive action safe mode
+    currentSensitiveActionSafeMode,
+    showSensitiveActionToggle,
+    handleSensitiveActionToggle,
+
+    // General
    isPending,
    shouldShowToggle,
-    isStateUndetermined,
-    handleToggle,
-    hasHITLBlocks: shouldShowToggle,
+
+    // Backwards compatibility
+    currentSafeMode: currentHITLSafeMode,
+    isStateUndetermined: isHITLStateUndetermined,
+    handleToggle: handleHITLToggle,
+    hasHITLBlocks: showHITLToggle,
  };
 }
+
+function handleToggleError(
+  error: unknown,
+  isAgent: boolean,
+  toast: ReturnType<typeof useToast>["toast"],
+) {
+  const isNotFoundError =
+    error instanceof Error &&
+    (error.message.includes("404") || error.message.includes("not found"));
+
+  if (!isAgent && isNotFoundError) {
+    toast({
+      title: "Safe mode not available",
+      description:
+        "To configure safe mode, please save this graph to your library first.",
+      variant: "destructive",
+    });
+  } else {
+    toast({
+      title: "Failed to update safe mode",
+      description:
+        error instanceof Error
+          ? error.message
+          : "An unexpected error occurred.",
+      variant: "destructive",
+    });
+  }
+}
--- a/autogpt_platform/frontend/src/services/storage/local-storage.ts
+++ b/autogpt_platform/frontend/src/services/storage/local-storage.ts
@@ -10,6 +10,7 @@ export enum Key {
  LIBRARY_AGENTS_CACHE = "library-agents-cache",
  CHAT_SESSION_ID = "chat_session_id",
  COOKIE_CONSENT = "autogpt_cookie_consent",
+  AI_AGENT_SAFETY_POPUP_SHOWN = "ai-agent-safety-popup-shown",
 }

 function get(key: Key) {
Author	SHA1	Message	Date
Zamil Majdy	ad50f57a2b	chore: add migration for nodeId field in PendingHumanReview Adds database migration to add the nodeId column which tracks the node ID in the graph definition for auto-approval tracking.	2026-01-20 23:03:03 -05:00
Zamil Majdy	aebd961ef5	fix: implement node-specific auto-approval for human reviews Instead of disabling all safe modes when approving all future actions, now tracks specific node IDs that should be auto-approved. This means clicking "Approve all future actions" will only auto-approve future reviews from the same blocks, not all reviews. Changes: - Add nodeId field to PendingHumanReview schema - Add auto_approved_node_ids set to ExecutionContext - Update review helper to check auto_approved_node_ids - Change API from disable_future_reviews to auto_approve_node_ids - Update frontend to pass node_ids when bulk approving - Address PR feedback: remove barrel file, JSDoc comments, and cleanup	2026-01-20 22:15:51 -05:00
Zamil Majdy	bcccaa16cc	fix: remove unused props from AIAgentSafetyPopup component Removes hasSensitiveAction and hasHumanInTheLoop props that were only used by the hook, not the component itself, fixing ESLint unused vars error.	2026-01-20 21:05:39 -05:00
Zamil Majdy	d5ddc41b18	feat: add bulk approval option for human reviews Add "Approve all future actions" button to the review UI that: - Approves all current pending reviews - Disables safe mode for the remainder of the execution run - Shows helper text about turning auto-approval on/off in settings Backend changes: - Add disable_future_reviews flag to ReviewRequest model - Pass ExecutionContext with disabled safe modes when resuming Frontend changes: - Add "Approve all future actions" button to PendingReviewsList - Include helper text per PRD requirements Implements SECRT-1795	2026-01-20 20:45:50 -05:00
Zamil Majdy	95eab5b7eb	feat: add one-time safety popup for AI-generated agent runs Show a one-time safety popup the first time a user runs an agent with sensitive actions or human-in-the-loop blocks. The popup explains that agents may take real-world actions and that safety checks are enabled. - Add AI_AGENT_SAFETY_POPUP_SHOWN localStorage key - Create AIAgentSafetyPopup component with hook - Integrate popup into RunAgentModal before first run Implements SECRT-1798	2026-01-20 20:40:18 -05:00
Zamil Majdy	832d6e1696	fix: correct safe mode checks for sensitive action blocks - Add skip_safe_mode_check parameter to HITLReviewHelper to avoid checking the wrong safe mode flag for sensitive action blocks - Simplify SafeModeToggle and FloatingSafeModeToggle by removing unnecessary intermediate variables and isHITLStateUndetermined checks	2026-01-20 20:33:55 -05:00
Zamil Majdy	8b25e62959	feat(backend,frontend): add explicit safe mode toggles for HITL and sensitive actions (#11756 ) ## Summary This PR introduces two explicit safe mode toggles for controlling agent execution behavior, providing clearer and more granular control over when agents should pause for human review. ### Key Changes New Safe Mode Settings: - `human_in_the_loop_safe_mode` (bool, default `true`) - Controls whether human-in-the-loop (HITL) blocks pause for review - `sensitive_action_safe_mode` (bool, default `false`) - Controls whether sensitive action blocks pause for review New Computed Properties on LibraryAgent: - `has_human_in_the_loop` - Indicates if agent contains HITL blocks - `has_sensitive_action` - Indicates if agent contains sensitive action blocks Block Changes: - Renamed `requires_human_review` to `is_sensitive_action` on blocks for clarity - Blocks marked as `is_sensitive_action=True` pause only when `sensitive_action_safe_mode=True` - HITL blocks pause when `human_in_the_loop_safe_mode=True` Frontend Changes: - Two separate toggles in Agent Settings based on block types present - Toggle visibility based on `has_human_in_the_loop` and `has_sensitive_action` computed properties - Settings cog hidden if neither toggle applies - Proper state management for both toggles with defaults AI-Generated Agent Behavior: - AI-generated agents set `sensitive_action_safe_mode=True` by default - This ensures sensitive actions are reviewed for AI-generated content ## Changes Backend: - `backend/data/graph.py` - Updated `GraphSettings` with two boolean toggles (non-optional with defaults), added `has_sensitive_action` computed property - `backend/data/block.py` - Renamed `requires_human_review` to `is_sensitive_action`, updated review logic - `backend/data/execution.py` - Updated `ExecutionContext` with both safe mode fields - `backend/api/features/library/model.py` - Added `has_human_in_the_loop` and `has_sensitive_action` to `LibraryAgent` - `backend/api/features/library/db.py` - Updated to use `sensitive_action_safe_mode` parameter - `backend/executor/utils.py` - Simplified execution context creation Frontend: - `useAgentSafeMode.ts` - Rewritten to support two independent toggles - `AgentSettingsModal.tsx` - Shows two separate toggles - `SelectedSettingsView.tsx` - Shows two separate toggles - Regenerated API types with new schema ## Test Plan - [x] All backend tests pass (Python 3.11, 3.12, 3.13) - [x] All frontend tests pass - [x] Backend format and lint pass - [x] Frontend format and lint pass - [x] Pre-commit hooks pass --------- Co-authored-by: Nicholas Tindle <nicholas.tindle@agpt.co>	2026-01-21 00:56:02 +00:00