Building A Safe Delivery Pipeline for Agents
Most agent demos skip a vital question. How do you let an autonomous system send things on your behalf without double-sending or shipping unapproved work?
A double-send is not a rare error. It is the default behavior of a simple queue when a worker dies mid-task. A worker sends a message and then crashes before it records a success. The system thinks the task failed and tells a new worker to try again. The customer gets two emails and you get a support ticket.
You cannot prevent every crash. You must design for a crash inside the gap between the action and the record.
Use this six-stage pipeline for any agent output with real consequences:
• Produce: The agent generates the full artifact. It does not send anything yet.
• Persist: Write the intent and the artifact to durable storage first.
• Score: Attach a confidence score to the output.
• Review: Route low-confidence items to a human.
• Approve: Use a fail-closed gate. The system blocks all sends unless a human gives explicit authorization.
• Send and Attest: Send the item under a lease, then write an evidence receipt.
Each stage must be a separate durable transition. The state lives in your database, not in a worker's memory.
To prevent duplicates, use row-level leasing. In Postgres, use SELECT ... FOR UPDATE SKIP LOCKED. This ensures only one worker owns a task at a time.
The most important rule is how you handle expired leases. If a worker dies while sending an external message, do not automatically retry it. Instead, strand the task for human review. A visible stuck task is better than an invisible double-send.
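The following is an added example, not code from the original post: it models the six stages above as rows in a database table, where every stage change is a conditional UPDATE that only succeeds if the row is still in the expected state. SQLite in memory stands in for the durable store so the module runs offline; in Postgres the row pick in `lease_one` would be `SELECT ... FOR UPDATE SKIP LOCKED` inside the same transaction. The table layout, the status names, the 0.8 review threshold and the sample message are all constructed for the example. The key behaviour is in `strand_expired`: an expired lease moves the row to `stranded` for a human, never back to `approved`.

```python
"""Delivery pipeline as durable state transitions (added example, constructed)."""
import sqlite3
import uuid

# Constructed schema: the pipeline stage is a column value, never worker memory.
SCHEMA = """
CREATE TABLE tasks (
    id            TEXT PRIMARY KEY,
    status        TEXT NOT NULL,  -- needs_review | awaiting_approval | approved
                                  -- | sending | sent | stranded
    artifact      TEXT NOT NULL,  -- the fully produced message body
    confidence    REAL NOT NULL,
    approved_by   TEXT,
    lease_owner   TEXT,
    lease_expires REAL,
    receipt       TEXT            -- transport evidence, written after the send
)
"""
REVIEW_THRESHOLD = 0.8  # assumed cut-off: anything below goes to a human reviewer


def open_store() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def persist(conn, artifact: str, confidence: float) -> str:
    """Stages 1-4: artifact, intent and score hit disk before any send is possible."""
    task_id = str(uuid.uuid4())
    status = "needs_review" if confidence < REVIEW_THRESHOLD else "awaiting_approval"
    conn.execute("INSERT INTO tasks (id, status, artifact, confidence) VALUES (?, ?, ?, ?)",
                 (task_id, status, artifact, confidence))
    conn.commit()
    return task_id


def _transition(conn, task_id: str, frm: str, to: str, **cols) -> bool:
    """Compare-and-swap on status. False means someone else already moved the row."""
    sets = ", ".join(["status = ?"] + [f"{c} = ?" for c in cols])
    cur = conn.execute(f"UPDATE tasks SET {sets} WHERE id = ? AND status = ?",
                       [to, *cols.values(), task_id, frm])
    conn.commit()
    return cur.rowcount == 1


def review_ok(conn, task_id: str) -> bool:
    """Stage 4: a human accepts a low-confidence artifact; it still needs approval."""
    return _transition(conn, task_id, "needs_review", "awaiting_approval")


def approve(conn, task_id: str, approver: str) -> bool:
    """Stage 5, fail closed: only an explicit human approval produces 'approved'."""
    return _transition(conn, task_id, "awaiting_approval", "approved", approved_by=approver)


def lease_one(conn, worker: str, now: float, ttl: float):
    """Stage 6a: claim exactly one approved task for `ttl` seconds.
    Postgres would pick the row with SELECT ... FOR UPDATE SKIP LOCKED; here the
    conditional UPDATE guarantees that two workers cannot both win the same row."""
    row = conn.execute("SELECT id, artifact FROM tasks WHERE status = 'approved' LIMIT 1").fetchone()
    if row is None:
        return None
    won = _transition(conn, row[0], "approved", "sending",
                      lease_owner=worker, lease_expires=now + ttl)
    return (row[0], row[1]) if won else None


def attest(conn, task_id: str, worker: str, receipt: str) -> bool:
    """Stage 6b: the receipt is the record of the send. A worker that dies before
    this call leaves the row in 'sending' with a lease that will expire."""
    cur = conn.execute("UPDATE tasks SET status = 'sent', receipt = ? "
                       "WHERE id = ? AND status = 'sending' AND lease_owner = ?",
                       (receipt, task_id, worker))
    conn.commit()
    return cur.rowcount == 1


def strand_expired(conn, now: float) -> list:
    """Expired leases are NOT re-queued: the message may already have gone out.
    They become visible 'stranded' rows for a human to reconcile."""
    ids = [r[0] for r in conn.execute(
        "SELECT id FROM tasks WHERE status = 'sending' AND lease_expires < ?", (now,))]
    for task_id in ids:
        _transition(conn, task_id, "sending", "stranded")
    return ids


def status_of(conn, task_id: str) -> str:
    return conn.execute("SELECT status FROM tasks WHERE id = ?", (task_id,)).fetchone()[0]


if __name__ == "__main__":
    # Constructed scenario: worker w1 leases a task, sends, and dies before attest().
    db = open_store()
    t = persist(db, "Hi Ada, your refund has been issued.", confidence=0.95)
    print("lease before approval:", lease_one(db, "w1", now=100.0, ttl=30.0))  # None
    approve(db, t, approver="ops-human")
    print("w1 lease:", lease_one(db, "w1", now=100.0, ttl=30.0))
    print("w2 lease while w1 holds it:", lease_one(db, "w2", now=110.0, ttl=30.0))  # None
    print("stranded after expiry:", strand_expired(db, now=131.0), status_of(db, t))
```

The worker never holds pipeline state: if it is restarted it simply calls `lease_one` again and the database, not the worker's memory, decides what it may touch. A stranded row is the signal for a human to check the transport's logs for a receipt before deciding whether to resend.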
You must also follow fail-closed principles:
- Sending is off by default. A single explicit flag enables all outbound traffic; if it is not set, nothing leaves.
- Identity is checked. The system must verify the sender address and transport security at the moment of sending.
- Everything leaves a receipt. An unrecorded send is a failure.
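Here is an added example of the three fail-closed checks at the moment of sending; it is constructed for this post and is not code from the original. `SendConfig`, `guarded_send` and the fake transport are assumptions: the transport is a callable that returns a provider message id, and the receipt store is a callable so the example can also show what happens when the receipt cannot be written. Checks run in order before the transport is touched, and a send that produced no receipt is surfaced as `SendUnrecorded`, which the caller must treat as a failure to strand, not a reason to retry.

```python
"""Fail-closed outbound gate with a mandatory receipt (added example, constructed)."""
import time
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet


@dataclass(frozen=True)
class SendConfig:
    outbound_enabled: bool = False                 # off by default: the single flag
    allowed_senders: FrozenSet[str] = frozenset()  # identities this system may send as
    require_tls: bool = True                       # transport security is checked per send


@dataclass(frozen=True)
class Message:
    task_id: str
    sender: str
    recipient: str
    body: str


class SendBlocked(Exception):
    """Raised before the transport is called; nothing left the system."""


class SendUnrecorded(Exception):
    """Raised after the transport call when no receipt could be written.
    The message may be out: the task must be stranded, never retried blindly."""


def guarded_send(msg: Message, cfg: SendConfig, transport_is_tls: bool,
                 transport: Callable[[Message], str],
                 record_receipt: Callable[[Dict], None]) -> Dict:
    # 1. Global flag: absent an explicit enable, every send is refused.
    if not cfg.outbound_enabled:
        raise SendBlocked("outbound sending is disabled")
    # 2. Identity and transport security, verified at send time, not at startup.
    if msg.sender not in cfg.allowed_senders:
        raise SendBlocked(f"sender {msg.sender!r} is not an allowed identity")
    if cfg.require_tls and not transport_is_tls:
        raise SendBlocked("transport is not TLS-protected")
    # 3. The send itself. From here on the message may already be out.
    provider_id = transport(msg)
    receipt = {"task_id": msg.task_id, "provider_id": provider_id,
               "sender": msg.sender, "recipient": msg.recipient, "sent_at": time.time()}
    # 4. No receipt, no success: an unrecorded send is reported as a failure.
    try:
        record_receipt(receipt)
    except Exception as exc:
        raise SendUnrecorded(f"sent as {provider_id} but receipt not stored") from exc
    return receipt


class FakeTransport:
    """Constructed stand-in for a mail API; counts calls so tests can prove
    that blocked sends never reach the provider."""
    def __init__(self):
        self.calls = 0

    def __call__(self, msg: Message) -> str:
        self.calls += 1
        return f"provider-msg-{self.calls}"


def run_scenarios() -> Dict[str, str]:
    """Walk the gate through each failure mode and the happy path."""
    msg = Message("task-1", "support@example.com", "ada@example.net", "Your refund is on its way.")
    transport = FakeTransport()
    receipts = []
    outcomes = {}
    cases = {
        "flag_off": (SendConfig(), True),
        "bad_sender": (SendConfig(True, frozenset({"billing@example.com"})), True),
        "no_tls": (SendConfig(True, frozenset({"support@example.com"})), False),
    }
    for name, (cfg, tls) in cases.items():
        try:
            guarded_send(msg, cfg, tls, transport, receipts.append)
            outcomes[name] = "sent"
        except SendBlocked as exc:
            outcomes[name] = f"blocked: {exc}"
    outcomes["transport_calls_after_blocks"] = str(transport.calls)  # expected "0"
    good = SendConfig(True, frozenset({"support@example.com"}))
    guarded_send(msg, good, True, transport, receipts.append)
    outcomes["ok"] = receipts[-1]["provider_id"]

    def broken_store(_receipt):
        raise IOError("receipt table unavailable")
    try:
        guarded_send(msg, good, True, transport, broken_store)
    except SendUnrecorded as exc:
        outcomes["unrecorded"] = str(exc)
    return outcomes
```

Keeping the receipt write directly after the transport call, and refusing to report success without it, keeps the "gap between the action and the record" as small as the system allows; whatever remains inside that gap is exactly what the stranded-task rule above is for.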
Do not build this for low-stakes tasks like internal logs. Use it when a mistake costs money, creates a legal issue, or requires a support ticket.
Optional learning community: https://t.me/GyaanSetuAi
