Safety Layer

Approval cards before commit/deploy.

WALO can accept a WhatsApp-style command, but production changes do not run blind. DNS, deploys, rollbacks, token changes, deletes, and commit/deploy actions become cards with a reason, planned steps, and an audit trail.

WhatsApp commandcommit this update deploy site site edit add FAQ

These create an approval request instead of pushing immediately.

Review

Owner/admin checks action type, reason, source command, planned steps, repo link, and risk.

Run

After approval, the runner should use a short-lived action token, run checks, commit, deploy, and return the live link.

Live Approval Cards

Checking login and approval API...

Example Card

git.commit_deploymedium riskexpires in 24h

Command

commit this update

Planned steps

1. recall source files 2. draft diff 3. run syntax checks 4. commit to git 5. deploy with Cloudflare 6. return live link

Open public command repo

Why this matters

A business owner can text naturally, but the system still separates low-risk lookups from high-risk production work. That is the line between helpful automation and chaos.