Human-in-the-loop: why AI agents need a leash

We built Leiko to be capable. 64 tools that touch every part of your business data. Then we built a system to constrain it.

The trust gradient

Read operations: no confirmation. Write operations: confirmation required. Destructive operations: double confirmation. We're not asking for blanket permission — we're asking for permission for each action that changes your data.

How confirmation works

Every tool call is intercepted before execution. A human-readable summary is shown: “Create invoice for Design Studio, €2,400, 20 hours at €120/hr. Send?” You approve or reject. Text-based confirmation works too — “joo” (Finnish for yeah) counts as yes.

Create invoice for Design Studio, €2,400, 20 hours at €120/hr. Send?

The hard cases

Multi-step workflows. Example: “Invoice Design Studio for February” needs five steps — fetch unbilled hours, create draft, apply tax, generate PDF, send. Each step can be blocked for confirmation. We don't batch them; we surface each one so you can stop the chain at any point.

What we don't do

No auto-execution with undo. No blanket permissions. No silent data modification. If the AI is going to change something, you see it first.

The result

Slightly slower, but trustworthy. The AI drafts; you verify. That's the trade we made.

Want to try it? Join the beta →