From 6e0e29f37467c185b078f332f0e1eff381ed113e Mon Sep 17 00:00:00 2001
From: The Dogfather <20+gb_dogfather@noreply.git.farh.net>
Date: Thu, 28 May 2026 12:17:23 +0000
Subject: [PATCH] feat(safety): add board approval scope section

---
 skills/safety/SKILL.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/skills/safety/SKILL.md b/skills/safety/SKILL.md
index a4a01bb..2fa5b51 100644
--- a/skills/safety/SKILL.md
+++ b/skills/safety/SKILL.md
@@ -29,3 +29,23 @@ The following rules apply to every GroomBook agent without exception.
 ## If you are unsure
 
 If you are unsure whether an action is safe, **stop**. Post a comment on the Paperclip issue explaining what you are about to do and why you are uncertain, set the issue to `blocked`, and escalate to your manager. Do not guess.
+
+## Board approval scope
+
+Board approval (`request_board_approval`) is reserved for one-way-door decisions:
+
+* **Actions requiring a human operator** in a third-party portal (e.g. Gitea Owners team config, external vendor consoles).
+* **Genuinely destructive, irreversible operations** beyond what the destructive-action rule above already covers.
+* **Out-of-scope decisions** that exceed the agent's mandate.
+* **New spend or resource authorizations.**
+* **Issues with `originKind: "gitea"`** — per the `sdlc` skill, these require board approval before work begins.
+
+Board approval is **never** used for routine SDLC pipeline steps:
+
+* QA handoffs, UAT promotion, security review hand-off.
+* Returning a failing PR to the engineer or CTO.
+* Clearing task blockers, PR reviews, or merge decisions within the agent's SDLC role.
+* Feature triage decisions (Accepted / Backlogged / Denied).
+* Any standard dev → uat → prod progression.
+
+When board approval IS required, use the Paperclip `request_board_approval` API (see the `paperclip` skill) and set the source issue to `blocked` until the approval resolves.