Human-in-the-Loop — When Humans Should Intervene

Using Claude Code, there are moments it asks "should I modify this file?" That's Human-in-the-Loop.

Why It's Needed

Full agent autonomy isn't always good. Irreversible actions taken independently by agents cause problems.

• git push --force wiping commit history

• Running DELETE queries directly on production DB

• Sending emails to customers

• Processing payments

These need human confirmation. But confirming every step defeats the purpose of agents.

Intervention Level Design

Level 0 — Fully manual: Human approval for every action. Pointless agent.

Level 1 — Approve risky actions only: Reads are free, writes need confirmation. Most coding agents are at this level.

Level 2 — Policy-based auto: Autonomous within predefined rules, approval needed outside. "File edits in this directory are OK, ask for anything else."

Level 3 — Fully autonomous: Agent decides everything. Risky, but valid in clear scopes (e.g., sandbox test environments).

Good Intervention Requests

When an agent asks "can I do this?":

• Context: Explain why this action is needed

• Blast radius: Specifically what changes

• Alternatives: "I could do A or B — which one?"

• Default suggestion: "I'm planning to do X, proceeding if OK"

"Modifying a file" (bad) vs "Adding expiry time check to validateToken function in src/auth.ts. Existing logic unchanged, only adding a condition." (good)

Escalation vs Halt

Escalation: "I can't judge this part" → hand decision to human, continue after receiving decision.

Halt: "Continuing this task could be dangerous" → stop the task itself.

Escalation is the surest way to prevent Ralph Wiggum Loops. An agent that honestly says "I'm stuck" is a good agent.