Implement autonomy levels and configurable approval workflows (DESIGN_SPEC §12.2)

[Aureliolo]

Context

Implement the four autonomy levels defined in DESIGN_SPEC §12.2 that control how much independence agents have and when human approval is required.

Autonomy levels:

1. Full — Agents operate independently; human is notified of actions but not consulted
2. Semi — Most actions are autonomous; major decisions require human approval
3. Supervised — Human approves major steps before execution
4. Locked — Human must approve every single action

Acceptance Criteria

Autonomy Levels

• All four autonomy levels implemented (full, semi, supervised, locked)
• Per-action classification system (what constitutes a 'major decision' vs routine action)
• Approval routing based on current autonomy level
• Runtime autonomy level changes (can adjust without restart)
• Default autonomy levels match spec recommendations
• Per-agent and per-company level configuration
• Action queue for locked/supervised modes (actions wait for approval)
• Unit tests for each autonomy level with various action types

Approval Timeout Integration (§12.4)

• Reference the TimeoutPolicy protocol for what happens when a human doesn't respond to an approval request (see separate issue for §12.4 implementation)
• Autonomy level configuration should include which TimeoutPolicy applies per level (e.g., locked → "wait", semi → "tiered")
• Ensure the approval routing integrates with the task park/resume mechanism defined in §12.4

Dependencies

• Implement Security Operations agent (action validation, audit logging) #40 — SecOps agent must be implemented
• Implement human approval queue API (Litestar controller + guards) #37 — Human approval queue must be functional
• §12.4 Approval Timeout Policy issue — timeout behavior for approval requests

Design Spec Reference

• §12.2 — Autonomy levels
• §12.4 — Approval Timeout Policy (timeout behavior, task parking)

---

Updated 2026-03-06: Added §12.4 Approval Timeout integration — autonomy levels now reference the TimeoutPolicy protocol for handling human non-response.

---

Design Decisions Finalized

• D1 — Action Types: Two-level category:action hierarchy used in autonomy preset auto_approve/human_approval lists (e.g. auto_approve: ["code"] expands to all code:*).
• D6 — Autonomy Scope: Three-level resolution chain: per-agent → per-department → company default. Seniority validation: Juniors/Interns cannot be set to full.
• D7 — Autonomy Changes: Pluggable AutonomyChangeStrategy protocol. Initial: human-only promotion via API. Auto-downgrade documented for future strategy.

Common pattern: All strategies use pluggable protocol interfaces with one initial implementation. Alternative strategies are documented in DESIGN_SPEC.md for future.