# Progressive Trust Review Policy

## Purpose

Progressive trust reduces repeated human review only for low-risk, stable workflows. It does not allow high-risk actions to run without approval.

## Trust Tier

- trust_tier: t0_mandatory_review / t1_preflight_plus_review / t2_sampled_review / t3_post_review_log_only
- workflow:
- agent_name:
- ruleset_hash:
- auto_pass_candidate: yes / no
- review_sampling_rate:
- trust_review_due_at:

## Promotion Conditions

- same workflow + agent_name + ruleset_hash:
- D+7 review passed:
- minimum_sample_size >= 20:
- adoption_rate >= 0.99:
- critical_error_count = 0:
- no open warning / urgent exception:
- no external message, pricing, contract, payment, backend write, CRM / OKKI write, budget action, or expanded privacy use:
- Arden approval:
- customer owner approval:

## Rollback Conditions

- high-risk action appears:
- privacy failure:
- authorization changes:
- ruleset changes:
- two consecutive human rejections:
- customer owner objection:

Any rollback condition returns the workflow to t0_mandatory_review.