Safety
You’re always in control of what your assistant can do. Town provides multiple layers of safety controls to ensure workflows behave as expected.
Safety controls
The basics
Modes
Every workflow has a mode that controls execution:
| Mode | Behavior |
|---|---|
| Autonomous | Actions execute immediately |
| Approval-required | Write actions wait for your approval |
| Read-only | Can only read, no modifications |
Per-tool controls
You can set different modes for individual tools. A workflow might be autonomous for most actions but require approval for sending emails.
Action logging
Every action is logged. You can review what happened, when, and why — and adjust settings if needed.
Progressive trust
A common pattern is to start restrictive and loosen over time:
- Start with Read-Only — Workflow can analyze but not act
- Move to Approval-Required — Workflow can propose actions for your review
- Autonomous — When behavior is stable and low-risk
Default to approval-required for new workflows. Move to autonomous after you’ve verified behavior across multiple runs.
Built-in protections
Town includes security measures that apply automatically:
- Blocked tool combinations — Certain combinations aren’t allowed for security
- Prompt sanitization — Protects against prompt injection
- Output validation — Ensures actions match expected patterns
- Account isolation — Workflows can only access accounts you’ve connected
Learn more in Security.
Best practices
Start narrow, expand carefully. Begin with minimal tools and permissions. Add more as you verify behavior.
Review run logs regularly. Even autonomous workflows should be reviewed periodically to ensure they’re behaving correctly.
Use approval-required for email sends. Sent emails can’t be unsent. Review before sending.
Test before deploying. Use dry runs to verify workflow behavior without making real changes.