Actions Wavo can take (approvals, drafts, queries)
3 tool modes: read (instant), write (instant + audit), approval (pending → confirm). HIGH/MEDIUM/LOW risk. ACTION_TTL 30 min. Audit via ai_action_log (GET /api/v1/ai-action-log).
Written By Salvatore Sinigaglia
Last updated About 5 hours ago
3 tool modes: read (instant), write (instant + audit), approval (pending → confirm). HIGH/MEDIUM/LOW risk. ACTION_TTL 30 min. Audit via ai_action_log (GET /api/v1/ai-action-log).
Actions Wavo can take (approvals, drafts, queries)
Wavo's tools fall into 3 modes: read (instant, no approval), write (instant + audited), approval (pending → user confirms → execute). Risk classification via
TOOL_RISK_MAPinapproval-payload.ts: HIGH / MEDIUM / LOW. Approval requests expire after 30 minutes (ACTION_TTL_MS=1800000). Every approval logged toai_action_logwith SHA-256 payload hash + idempotency key.
Who is this for
Anyone wondering "what can Wavo actually change in my account?" or "why did Wavo ask me to confirm?"
The 3 tool modes
Mode 1: read
Runs immediately. No approval. No risk to your account.
Examples:
campaign_search,campaign_performance_summaryget_performance_data,get_audience_insightsget_tracker_data,compare_tracker_metacdm_orders_search,cdm_products_searchlist_automation_rules,draft_get,draft_validateanalyze_existing_ad,analyze_landing_pageweb_search
Wavo invokes, gets data, answers. Done.
Mode 2: write
Runs immediately + writes audit log entry. LOW risk by design.
Examples:
generate_image,generate_video,generate_copy— creates Creative Hub assets
No approval card. Wavo just does it + tells you what happened.
Mode 3: approval
Pending → user confirms → execute. Required for HIGH and MEDIUM risk tools.
Flow:
- Wavo plans an action
- Generates an approval card with:
- Tool name
- Risk level (HIGH / MEDIUM)
- Payload preview (what will change)
- Execute / Reject buttons
- You review + click Execute or Reject
- If Execute: audit log records CONFIRMED, then SUCCESS (or FAILURE if the action errors)
- If Reject: audit log records REJECTED with reason
- If 30 min passes with no decision: card expires, audit log records EXPIRED
- If a kill-switch blocks execution at confirm time: audit log records BLOCKED_KILLSWITCH
TOOL_RISK_MAP
HIGH risk = significant, hard-to-reverse changes (deleting rules, duplicating campaigns, changing budgets). MEDIUM = reversible but worth confirming. LOW = safe but still gated. Note: every tool in TOOL_RISK_MAP runs in approval mode, so even a LOW-risk tool like create_campaign_draft shows an approval card — it does not execute immediately. Creative generation tools (generate_image, etc.) are not in this map: they run in write mode and are audited but do not require an approval card.
Why approvals matter
LLMs can misinterpret intent. Wavo may understand "increase budget by 20%" as "increase budget by 200%" if your prompt is ambiguous. Approval card lets you:
- Review the exact payload before it executes
- Reject if Wavo got it wrong
- Audit what was approved + by whom
This is a deliberate safety design, not a bug. Cannot be disabled.
Approval card contents
A typical approval card shows:
Action: update_entity_budgetRisk: HIGHTarget: Campaign "Spring Sale Prospecting"Change: daily_budget €50 → €60 (+20%)[Execute] [Reject]Expires in: 29 min 47 secWhat you see depends on the tool:
- delete_automation_rule: rule details + scope + last 5 executions
- duplicate_entity: source + destination + new name
- update_entity_budget: current + new value + delta %
- create_automation_rule: full rule definition (conditions, actions, schedule)
- toggle_entity_status: from / to state
Audit log
Every approval-mode action writes to ai_action_log:
Idempotency: if you accidentally approve the same action twice (e.g. double-click), the second execution is a no-op — same hash, same key.
Query the audit log via GET /api/v1/ai-action-log (owner / admin / super_admin, and manager where the team's action_log_visible flag is on; a gated manager still sees actions they personally triggered).
Multiple actions in one turn
Wavo can plan multiple actions. Each gets its own approval card. You approve / reject independently.
Example: "Pause all losing adsets, then create a rule to prevent future losses."
- Approval card 1: bulk
toggle_entity_status(HIGH risk) - Approval card 2:
create_automation_rule(MEDIUM risk)
You can approve one + reject the other.
ACTION_TTL — 30 min
ACTION_TTL_MS=1800000. After 30 min:
- Approval card expires
- Audit log status flips PENDING → EXPIRED
- Action cannot be executed via that card
If you want to proceed after expiry: ask Wavo again. New approval card generated with fresh TTL.
Why 30 min: balance between giving you time to think + preventing stale approvals from being acted on if your context changed.
Read vs Write mode timing
For async writes (generate_*): Wavo returns immediately + you watch via Jobs panel (see ch-118).
Cross-cluster action flow
When Wavo creates a campaign:
- create_campaign_draft (LOW risk, but approval mode) — you confirm the approval card, then the draft is saved in DB
- Optional:
draft_validate(read) — checks for errors - To publish: requires manual approval via Campaign Creator UI (Wavo doesn't auto-publish; PRD-15 cc-* explains)
When Wavo creates a rule:
- create_automation_rule (MEDIUM approval) — approval card
- Execute → rule created with
status: paused - User activates manually (Wavo doesn't auto-activate; PRD-17 rul-* explains)
Defense-in-depth: Wavo doesn't run wild, even with approval.
Common surprises
- "Wavo did something I didn't approve" — only creative generation write tools run without approval. Everything in
TOOL_RISK_MAP(including LOW-risk drafts and support tickets) requires explicit approval. - "The approval card disappeared" — 30-min TTL expired. Ask Wavo again.
- "Two approval cards for the same action" — Wavo planned multiple steps; idempotency key prevents duplicate execution if approved twice.
- "I rejected but Wavo still mentions the rule" — Wavo remembers the planning; nothing was actually executed. Audit log confirms.
FAQ
What are the three tool modes Wavo uses?
Wavo's tools fall into three modes in Wevion. Read tools (like campaign_search or get_performance_data) run instantly with no approval. Write tools (like generate_image) run instantly but are audited as LOW risk. Approval tools stay pending until you confirm, and are required for HIGH and MEDIUM risk actions such as budget changes or rule deletion.
Which of Wavo's actions require my approval?
Every tool in TOOL_RISK_MAP requires explicit approval in Wevion, regardless of risk level. HIGH covers delete_automation_rule, duplicate_entity, and update_entity_budget; MEDIUM covers creating, toggling, or updating rules and toggling entity status; LOW covers creating a campaign draft and creating a support ticket — but even these LOW-risk tools still show an approval card. Only creative generation write tools (generate_image, etc.) run without an approval card.
How long does a Wavo approval card stay valid?
An approval card expires after 30 minutes, set by ACTION_TTL_MS=1800000. Once it expires, the audit log status flips from PENDING to EXPIRED and the action can no longer run from that card. To proceed after expiry, simply ask Wavo again and a fresh approval card with a new TTL is generated.
Can I turn off Wavo's approval step?
No. Approval is a deliberate safety design in Wevion and cannot be disabled. Because an LLM can misinterpret intent, the approval card lets you review the exact payload before it executes, reject it if Wavo got it wrong, and audit what was approved. Only LOW-risk write tools like drafts and generation skip it.
What happens if I approve the same Wavo action twice?
Nothing duplicates. Every approval-mode action writes to ai_action_log with a SHA-256 payload hash and a derived idempotency key. If you accidentally approve the same action twice, for example by double-clicking, the second execution is a no-op because it carries the same hash and key.