Approvals
When a project is set to Safe mode, PhantomOps pauses before any dangerous action and waits for a human decision. The Approvals page is where those decisions are made.
Review dangerous scan actions that are waiting on a Safe mode decision, or check recent approvals and rejections.
When approvals are triggered
Section titled “When approvals are triggered”A scan agent triggers an approval when it’s about to perform a state-changing action — for example:
- A
DELETErequest against an admin endpoint. - A destructive
POST,PUT, orPATCH(resetting a password, deleting a user, wiping a record). - An action the agent’s safety check flags as potentially disruptive.
PhantomOps pauses the agent, queues the action as a pending approval, and shows it on the Approvals page. You have 5 minutes to decide. After 5 minutes the approval expires and the action is automatically skipped — the scan continues.
If the project is on Boss mode, this pause is skipped entirely; the agent proceeds with the action immediately. See Configure and launch → Dangerous action mode.
The Approvals page
Section titled “The Approvals page”The page lists every dangerous-action approval the organization has produced, filtered by status. Five filter tabs run across the top:
| Filter | What it shows |
|---|---|
| All | Every approval the organization has ever produced. |
| Pending | Active approvals waiting on a decision (with a countdown). |
| Approved | Approvals where someone selected Approve. |
| Rejected | Approvals where someone selected Reject. The action was skipped. |
| Expired | Approvals where the 5-minute window passed without a decision. The action was skipped. |
Make a decision
Section titled “Make a decision”For a pending approval, two buttons are available:
- Approve — the agent performs the action and the scan continues. PhantomOps prompts for an optional approval note (visible later in the audit trail).
- Reject — the action is skipped. PhantomOps prompts for an optional reason.
After you approve, the page navigates back to the Live scan view for that project so you can watch the run continue.
What if you can’t get to it in 5 minutes?
Section titled “What if you can’t get to it in 5 minutes?”The approval expires and the action is skipped. The scan continues without performing it, so you’ll lose coverage on that one specific check. If you regularly miss approvals on a project, consider:
- Switching that project to Boss mode for in-scope dangerous actions you’re already comfortable with.
- Adding the noisy endpoints that keep triggering approvals to out-of-scope URL patterns in the wizard’s Configuration step.
See also
Section titled “See also”- Configure and launch → Dangerous action mode — Safe mode versus Boss mode.
- Watch the scan — how the Active Scan card surfaces an approval that needs review.
- Scheduling — working-hours windows are separate from the 5-minute approval clock.