AI-triaged license violations with Slack approval escalation
When a PR introduces a flagged license, an agent assesses the actual compliance risk in context (license, package usage.
How it runs
The automated pipeline, trigger to output.
- Trigger: GitHub PR opened or updated (GitHub)
- Action: Collect new dependencies, licenses, and usage context (GitHub)
- Action: Agent assesses compliance risk per package (OpenAI)
- Logic: Route allow, block, or needs-review
- Action: Escalate gray-area cases to Slack with approve/reject (Slack)
- Output: Update PR commit status from the decision (GitHub)
What it does
This workflow adds judgment to a license gate. When a pull request adds a package with a non-allowlisted or ambiguous license, an agent evaluates the real risk — considering the license family, whether the dependency is a dev-only tool, and the project's distribution model — then decides whether to hard-block immediately or escalate for human sign-off. Escalations go to a Slack channel with approve and reject actions, and the PR status reflects the outcome.
When to use it
Use this when a binary allowlist is too blunt — for example, weak-copyleft or dual-licensed packages that are sometimes acceptable. It routes the gray-area cases to legal or eng leadership instead of blocking everything outright.
How it works
1. A GitHub pull_request webhook fires.
2. The workflow gathers new dependencies, their licenses, and how each is used.
3. The agent reasons about compliance risk and classifies each as allow, block, or needs-review.
4. A logic branch routes block decisions to a failing PR status, and needs-review decisions to Slack.
5. Reviewers approve or reject in Slack; the response updates the PR commit status accordingly.
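The routing in steps 3 to 5, sketched as an added example (not the product's own code). The names `Verdict`, `normalize`, `route` and `apply_review` are hypothetical, the sample verdicts are constructed, and two things are assumptions: a PR awaiting review is held at the GitHub commit status `pending`, and any agent output outside the three expected labels is treated as needs-review rather than allow.

```python
from dataclasses import dataclass

VALID = {"allow", "block", "needs-review"}

@dataclass(frozen=True)
class Verdict:
    package: str
    license: str
    decision: str  # raw label returned by the agent (untrusted model output)

def normalize(decision):
    """Fail closed: anything that is not one of the three labels goes to a human."""
    label = str(decision).strip().lower()
    return label if label in VALID else "needs-review"

def route(verdicts):
    """Return (commit_state, packages_to_escalate, packages_blocked) for one PR."""
    blocked, escalate = [], []
    for v in verdicts:
        label = normalize(v.decision)
        if label == "block":
            blocked.append(v.package)
        elif label == "needs-review":
            escalate.append(v.package)
    if blocked:                      # one hard block fails the whole PR
        return "failure", escalate, blocked
    if escalate:                     # held until a reviewer answers in Slack
        return "pending", escalate, blocked
    return "success", escalate, blocked

def apply_review(state, reviewer_action):
    """Fold a Slack approve/reject response into the commit state."""
    if state != "pending":
        return state                 # a Slack click never lifts a hard block
    return {"approve": "success", "reject": "failure"}.get(reviewer_action, "pending")

# Constructed sample verdicts; package names are placeholders.
SAMPLE = [
    Verdict("example-lib-a", "MIT", "allow"),
    Verdict("example-lib-b", "LGPL-3.0", "needs-review"),
    Verdict("example-lib-c", "AGPL-3.0", "block"),
    Verdict("example-lib-d", "unknown", "maybe"),  # malformed label from the agent
]

if __name__ == "__main__":
    state, escalate, blocked = route(SAMPLE)
    print(state, "escalate:", escalate, "blocked:", blocked)
    print(apply_review(route(SAMPLE[:2])[0], "approve"))
```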
Set it up
What you configure once, before turning it on.
1. Connect GitHub: Repos, issues, pull requests, actions.
2. Connect Slack: Channels, DMs, threads, mentions.
3. Connect OpenAI: Models, embeddings, files.
4. Set each agent's model: We leave models unset so you pick the tier — fast + cheap, or top-quality.
5. Tune it to your data: Edit the prompts, filters, and field mappings so it matches how your team works.
6. Test, then turn it on: Run once against a sample, confirm the output, then enable the trigger.
