# GenCreator Approval Policy

## Modes

- read_only: inspect product contracts, vault fields, public resources, and local artifacts.
- draft_only: create local drafts, campaign packets, review notes, and suggested schedules.
- approval_required: prepare an approval record before public, customer-facing, paid, destructive, or reputation-sensitive action.

## Required Approval Record

- Action title.
- Source artifacts used.
- Risk level.
- Human decision needed.
- Suggested next action.
- Support-boundary note.

## Hard Boundaries

- No autonomous publishing.
- No outbound customer messages without approval.
- No purchases, deletes, account changes, entitlement changes, or external writes without approval.
- No secrets in prompts, files, logs, screenshots, or support requests.
- No claims that exceed product manifest status.