Actions Wavo can take (approvals, drafts, queries)
Last updated: May 19, 2026
Actions Wavo can take (approvals, drafts, queries)
Wavo's tools fall into 3 modes: read (instant, no approval), write (instant + audited), approval (pending → user confirms → execute). Risk classification via TOOL_RISK_MAP in approval-payload.ts: HIGH / MEDIUM / LOW. Approval requests expire after 30 minutes (ACTION_TTL_MS=1800000). Every approval logged to ai_action_log with SHA-256 payload hash + idempotency key.
Who is this for
Anyone wondering "what can Wavo actually change in my account?" or "why did Wavo ask me to confirm?"
The 3 tool modes
Mode 1: read
Runs immediately. No approval. No risk to your account.
Examples:
campaign_search,campaign_performance_summaryget_performance_data,get_audience_insightsget_tracker_data,compare_tracker_metacdm_orders_search,cdm_products_searchlist_automation_rules,draft_get,draft_validateanalyze_existing_ad,analyze_landing_pageweb_search
Wavo invokes, gets data, answers. Done.
Mode 2: write
Runs immediately + writes audit log entry. LOW risk by design.
Examples:
create_campaign_draft— creates a draft (not published; safe to edit)generate_image,generate_video,generate_copy— creates Creative Hub assetscreate_support_ticket— opens Pylon ticket
No approval card. Wavo just does it + tells you what happened.
Mode 3: approval
Pending → user confirms → execute. Required for HIGH and MEDIUM risk tools.
Flow:
Wavo plans an action
Generates an approval card with:
Tool name
Risk level (HIGH / MEDIUM)
Payload preview (what will change)
Execute / Reject buttons
You review + click Execute or Reject
If Execute: action runs, audit log records SUCCESS
If Reject: audit log records DENIED with reason
If 30 min passes with no decision: card expires, audit log records EXPIRED
TOOL_RISK_MAP
Risk | Tools |
|---|---|
HIGH |
|
MEDIUM |
|
LOW |
|
HIGH risk = significant, hard-to-reverse changes (deleting rules, duplicating campaigns, changing budgets). MEDIUM = reversible but worth confirming. LOW = safe but tracked.
Why approvals matter
LLMs can misinterpret intent. Wavo may understand "increase budget by 20%" as "increase budget by 200%" if your prompt is ambiguous. Approval card lets you:
Review the exact payload before it executes
Reject if Wavo got it wrong
Audit what was approved + by whom
This is a deliberate safety design, not a bug. Cannot be disabled.
Approval card contents
A typical approval card shows:
Action: update_entity_budget
Risk: HIGH
Target: Campaign "Spring Sale Prospecting"
Change: daily_budget €50 → €60 (+20%)
[Execute] [Reject]
Expires in: 29 min 47 sec
What you see depends on the tool:
delete_automation_rule: rule details + scope + last 5 executions
duplicate_entity: source + destination + new name
update_entity_budget: current + new value + delta %
create_automation_rule: full rule definition (conditions, actions, schedule)
toggle_entity_status: from / to state
Audit log
Every approval-mode action writes to ai_action_log:
Field | What |
|---|---|
| PENDING / SUCCESS / FAILURE / EXPIRED / DENIED |
| SHA-256 of canonical JSON payload |
| Derived from hash; prevents duplicate executions |
| If rejected, why |
| User + timestamp |
| When action actually ran |
Idempotency: if you accidentally approve the same action twice (e.g. double-click), the second execution is a no-op — same hash, same key.
Query the audit log via /api/v1/audit-logs?resource_type=ai_action (admin / owner only).
Multiple actions in one turn
Wavo can plan multiple actions. Each gets its own approval card. You approve / reject independently.
Example: "Pause all losing adsets, then create a rule to prevent future losses."
Approval card 1: bulk
toggle_entity_status(HIGH risk)Approval card 2:
create_automation_rule(MEDIUM risk)
You can approve one + reject the other.
ACTION_TTL — 30 min
ACTION_TTL_MS=1800000. After 30 min:
Approval card expires
Audit log status flips PENDING → EXPIRED
Action cannot be executed via that card
If you want to proceed after expiry: ask Wavo again. New approval card generated with fresh TTL.
Why 30 min: balance between giving you time to think + preventing stale approvals from being acted on if your context changed.
Read vs Write mode timing
Mode | Latency typical |
|---|---|
read | < 2 sec (tool call + result) |
write LOW (drafts) | 2-5 sec (creates DB record) |
write LOW (generate_image) | 10-60 sec (async via Creative Hub job) |
approval HIGH/MEDIUM | depends on you — 5 sec to 30 min |
For async writes (generate_*): Wavo returns immediately + you watch via Jobs panel (see ch-118).
Cross-cluster action flow
When Wavo creates a campaign:
create_campaign_draft (LOW write) — draft saved in DB
Optional:
draft_validate(read) — checks for errorsTo publish: requires manual approval via Campaign Creator UI (Wavo doesn't auto-publish; PRD-15 cc-* explains)
When Wavo creates a rule:
create_automation_rule (MEDIUM approval) — approval card
Execute → rule created with
status: pausedUser activates manually (Wavo doesn't auto-activate; PRD-17 rul-* explains)
Defense-in-depth: Wavo doesn't run wild, even with approval.
Common surprises
"Wavo did something I didn't approve" — only LOW write tools run without approval (drafts, generate). Anything HIGH/MEDIUM requires explicit approval.
"The approval card disappeared" — 30-min TTL expired. Ask Wavo again.
"Two approval cards for the same action" — Wavo planned multiple steps; idempotency key prevents duplicate execution if approved twice.
"I rejected but Wavo still mentions the rule" — Wavo remembers the planning; nothing was actually executed. Audit log confirms.
Related
Create your first rule — rule actions via Wavo
Launch Express mode — campaign actions via Wavo
Data grounded — what Wavo sees before acting