Building A Safe Delivery Pipeline for Agents

Most agent demos skip a vital question. How do you let an autonomous system send things on your behalf without double-sending or shipping unapproved work?

A double-send is not a rare error. It is the default behavior of a plain at-least-once work queue when a worker dies mid-task. A worker sends a message and then crashes before it records a success. The queue sees no acknowledgement, assumes the task failed, and hands it to a new worker, which sends it again. The customer gets two emails and you get a support ticket.

You cannot prevent every crash. You must design for a crash inside the gap between the action and the record.

Use this six-stage pipeline for any agent output with real consequences:

  • Produce: The agent generates the full artifact. It does not send anything yet.
  • Persist: Write the intent and the artifact to durable storage first.
  • Score: Attach a confidence score to the output.
  • Review: Route low-confidence items to a human.
  • Approve: Use a fail-closed gate. The system blocks all sends unless a human gives explicit authorization.
  • Send and Attest: Send the item under a lease, then write an evidence receipt.

Each stage must be a separate durable transition. The state lives in your database, not in a worker's memory.

To prevent duplicates, use row-level leasing. In Postgres, claim the next task with SELECT ... FOR UPDATE SKIP LOCKED and, in the same transaction, mark the row as in progress with the worker's identity and a lease expiry. A competing worker skips the locked row instead of blocking on it, so only one worker owns a task at a time, and the lease columns keep that ownership visible after the transaction commits.

The most important rule is how you handle expired leases. If a worker's lease runs out while it was sending an external message, do not automatically retry the task: the message may already have left, and the row alone cannot tell you. Instead, strand the task for human review. A visible stuck task is better than an invisible double-send.

You must also follow fail-closed principles:

  • Sending is off by default. All outbound traffic is gated behind a single explicit enable flag; with the flag off, every send path fails.
  • Identity is checked. The system verifies the sender address and the transport security (for example, that TLS is in use) at the moment of sending, not only at configuration time.
  • Everything leaves a receipt. A send with no recorded receipt is treated as a failure, not a success.
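The pipeline, the lease claim, the stranding of expired leases and the three fail-closed checks can all be seen in one small state machine. The following is an added example, not code from the original post: it keeps the six stages as rows in a `deliveries` table using sqlite3 so it runs offline, and all names in it (`deliveries`, `claim`, `reap_expired`, `ALLOWED_SENDER`, the state names, the psycopg-style `POSTGRES_CLAIM_SQL` string) are this example's own assumptions. sqlite has no SKIP LOCKED, so the claim uses a state-guarded UPDATE as the compare-and-swap; the Postgres form the post recommends is included as a string for comparison but is not executed here.

```python
import sqlite3
import uuid

# Added example (not from the original post). On Postgres the claim step would be
# this single locking statement; the sqlite version below uses a guarded UPDATE.
POSTGRES_CLAIM_SQL = """
UPDATE deliveries
   SET state = 'sending', lease_owner = %(worker)s,
       lease_expires = now() + interval '30 seconds'
 WHERE id = (SELECT id FROM deliveries WHERE state = 'approved'
             ORDER BY created_at LIMIT 1 FOR UPDATE SKIP LOCKED)
RETURNING id, artifact;
"""
SCHEMA = """
CREATE TABLE deliveries (
    id            TEXT PRIMARY KEY,
    created_at    REAL NOT NULL,
    state         TEXT NOT NULL,  -- persisted|needs_review|awaiting_approval|approved|sending|sent|stranded
    artifact      TEXT NOT NULL,
    confidence    REAL,
    approved_by   TEXT,
    lease_owner   TEXT,
    lease_expires REAL,
    receipt       TEXT
);
"""
ALLOWED_SENDER = "noreply@example.com"   # assumed sender identity checked at send time

class Crashed(Exception):
    """Simulates a worker dying after the external send but before the receipt."""

def open_db():
    db = sqlite3.connect(":memory:", isolation_level=None)  # autocommit: one statement, one transaction
    db.executescript(SCHEMA)
    return db

def persist(db, artifact, now):
    """Stage 2: intent and artifact reach durable storage before anything is sent."""
    row_id = str(uuid.uuid4())
    db.execute("INSERT INTO deliveries (id, created_at, state, artifact) VALUES (?, ?, 'persisted', ?)",
               (row_id, now, artifact))
    return row_id

def score(db, row_id, confidence, threshold=0.8):
    """Stages 3-4: attach confidence; low-confidence rows go to the human review queue."""
    state = "needs_review" if confidence < threshold else "awaiting_approval"
    db.execute("UPDATE deliveries SET state = ?, confidence = ? WHERE id = ? AND state = 'persisted'",
               (state, confidence, row_id))
    return state

def approve(db, row_id, approver):
    """Stage 5, fail-closed: nothing reaches 'approved' without a named human."""
    if not approver:
        raise PermissionError("explicit human authorization required")
    cur = db.execute("UPDATE deliveries SET state = 'approved', approved_by = ? "
                     "WHERE id = ? AND state IN ('needs_review', 'awaiting_approval')", (approver, row_id))
    return cur.rowcount == 1

def claim(db, worker, now, lease_seconds=30):
    """Stage 6a: lease the oldest approved row. The guarded UPDATE is the compare-and-swap:
    if another worker won the race, rowcount is 0 and the caller gets None."""
    row = db.execute("SELECT id, artifact FROM deliveries WHERE state = 'approved' "
                     "ORDER BY created_at LIMIT 1").fetchone()
    if row is None:
        return None
    cur = db.execute("UPDATE deliveries SET state = 'sending', lease_owner = ?, lease_expires = ? "
                     "WHERE id = ? AND state = 'approved'", (worker, now + lease_seconds, row[0]))
    return row if cur.rowcount == 1 else None

def send(db, row_id, worker, transport, *, sending_enabled, sender, tls, crash_after_send=False):
    """Stage 6b: fail-closed checks at the moment of sending, then the irreversible external
    call, then the receipt. A crash between the last two is the dangerous gap."""
    if not sending_enabled:
        raise PermissionError("outbound sending is off by default; enable flag not set")
    if sender != ALLOWED_SENDER or not tls:
        raise PermissionError("sender identity or transport security check failed")
    row = db.execute("SELECT artifact FROM deliveries WHERE id = ? AND state = 'sending' AND lease_owner = ?",
                     (row_id, worker)).fetchone()
    if row is None:
        raise PermissionError("this worker does not hold the lease for this row")
    provider_id = transport(row[0])                       # the external side effect
    if crash_after_send:
        raise Crashed(f"{worker} died before writing the receipt")
    db.execute("UPDATE deliveries SET state = 'sent', receipt = ?, lease_owner = NULL "
               "WHERE id = ? AND lease_owner = ?", (provider_id, row_id, worker))
    return provider_id

def reap_expired(db, now):
    """Expired leases are stranded for a human, never re-queued: the send may already have happened."""
    rows = db.execute("SELECT id FROM deliveries WHERE state = 'sending' AND lease_expires < ?", (now,)).fetchall()
    for (row_id,) in rows:
        db.execute("UPDATE deliveries SET state = 'stranded' WHERE id = ? AND state = 'sending'", (row_id,))
    return [r[0] for r in rows]

def state_of(db, row_id):
    return db.execute("SELECT state, receipt FROM deliveries WHERE id = ?", (row_id,)).fetchone()

def run_demo():
    """Two constructed deliveries: worker-a completes one; worker-b crashes inside the gap on the other."""
    db = open_db()
    outbox = []                                           # constructed stand-in for the e-mail provider
    def transport(body):
        outbox.append(body)
        return f"provider-msg-{len(outbox)}"
    t0 = 1000.0
    ok = persist(db, "Your order has shipped.", t0)
    bad = persist(db, "Your refund has been issued.", t0 + 1)
    score(db, ok, 0.95)
    score(db, bad, 0.55)                                  # below threshold: routed to needs_review
    gate_closed = False
    try:
        approve(db, bad, approver="")                     # no human named: the gate stays closed
    except PermissionError:
        gate_closed = True
    approve(db, ok, "alice")
    approve(db, bad, "alice")
    rid, _ = claim(db, "worker-a", t0 + 2)
    flag_blocked = False
    try:
        send(db, rid, "worker-a", transport, sending_enabled=False, sender=ALLOWED_SENDER, tls=True)
    except PermissionError:
        flag_blocked = True                               # flag off: nothing reached the transport
    send(db, rid, "worker-a", transport, sending_enabled=True, sender=ALLOWED_SENDER, tls=True)
    rid, _ = claim(db, "worker-b", t0 + 3)
    try:
        send(db, rid, "worker-b", transport, sending_enabled=True, sender=ALLOWED_SENDER, tls=True,
             crash_after_send=True)
    except Crashed:
        pass
    claim_while_leased = claim(db, "worker-c", t0 + 4)    # None: row is 'sending', not 'approved'
    stranded = reap_expired(db, t0 + 3 + 31)              # worker-b's lease has expired
    claim_after_reap = claim(db, "worker-c", t0 + 40)     # still None: stranded, not re-queued
    return {"ok": state_of(db, ok), "bad": state_of(db, bad), "stranded": stranded == [bad],
            "gate_closed": gate_closed, "flag_blocked": flag_blocked,
            "claim_while_leased": claim_while_leased, "claim_after_reap": claim_after_reap,
            "emails_sent": len(outbox)}
```

`run_demo()` ends with the first delivery in `sent` with a receipt and the second in `stranded` with no receipt, even though the provider accepted both messages exactly once. The point of the design is that second row: a retrying scheduler would have sent the refund notice twice, while the reaper leaves it stuck and visible for a person to reconcile against the provider's logs.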

Do not build this for low-stakes tasks like internal logs. Use it when a mistake costs money, creates a legal issue, or requires a support ticket.

Source: https://dev.to/danmercede/building-a-governed-double-send-safe-delivery-pipeline-for-agent-outputs-80e