Safety
You’re always in control of what your assistant can do. Town provides multiple layers of safety controls so your workflows behave exactly as you expect.
Safety controls
The basics
Permission options
When you’re chatting with your assistant, you can control how much autonomy it has for that session:
| Setting | What it does |
|---|---|
| Ask before any changes | Default. Every action that makes a change requires your approval first. |
| Always allow safe actions | Automatically approve low-risk actions like labeling and archiving. Actions that communicate externally still require approval. |
| Allow all actions | Full autonomous mode — no approvals required for this session. |
These settings reset when you start a new chat.
Workflow modes
Every workflow has a default mode that applies whenever it runs:
| Mode | What happens |
|---|---|
| Autonomous | Actions execute immediately without asking |
| Approval-required | Actions that make changes wait for your approval |
| Read-only | Can only read and analyze — no modifications allowed |
Per-tool controls
You can set different modes for individual tools within a workflow. For example, a workflow might be autonomous for labeling and archiving, but require your approval before sending any emails.
Action logging
Every action your assistant takes is logged. You can review what happened, when, and why — and adjust settings if needed.
Progressive trust
A common pattern is to start restrictive and loosen over time:
- Start with Read-Only — See what the workflow would do without any risk
- Move to Approval-Required — Let it propose actions for your review
- Promote to Autonomous — When you’re confident the behavior is correct
Start with approval-required for new workflows. Move to autonomous after you’ve reviewed several runs and confirmed the behavior is correct.
Built-in protections
Town includes security measures that apply automatically:
- Smart safeguards — When a workflow has access to private data, untrusted input, and external communication tools, extra protections kick in automatically
- Input validation — Blocks known manipulation patterns in incoming content
- Output validation — Checks tool arguments before executing actions
- Account isolation — Workflows can only access accounts you’ve connected
Learn more in Security.
Best practices
Start narrow, expand carefully. Begin with minimal tools and permissions. Add more as you verify behavior.
Review run history regularly. Even autonomous workflows should be reviewed periodically to make sure they’re doing what you expect.
Use approval-required for outgoing messages. Sent emails and messages can’t be unsent. Always review before sending.
Test before going live. Use read-only mode to verify workflow behavior without making real changes.