Safety & enforcement

Gate & enforcement

Every call is evaluated by the gate before reaching the provider. The gate runs up to ten checks in order and returns one of three decisions: Approve, Block, or Review required.

Gate decisions

Decision         | HTTP       | Meaning
Approve          |            | Call proceeds to the provider normally.
Block            | 402 or 403 | Call rejected before the provider is contacted. No tokens consumed, no cost incurred.
Review required  | 200        | Call proceeds and returns a normal response, but the header X-Zelyx-Review-Required: true is set and the call is flagged in the Gate dashboard.

What the gate checks

Checks run in order — the first one that triggers wins. Later checks are skipped.

  1. Session limit — if the session has exceeded its spend cap, block (402).
  2. High-risk payment pattern — tool names suggest a payment transaction with high confidence. Block (403).
  3. Per-model budget — model's daily cap is exhausted or model is paused. Block (402).
  4. Model blocked — this model is in the key's block list. Block (403).
  5. Model not allowed — key has an allow list and this model is not on it. Block (403).
  6. Max tokens exceeded — max_tokens on the request exceeds the key's per-call limit. Block (403).
  7. Daily budget exceeded — company, team, or project budget is exhausted. Block (402) or proceed per overage policy.
  8. Premium model + high cost — claude-opus or gpt-4 with an estimated cost above $0.005. Review required.
  9. Medium-risk payment pattern — tool names suggest a payment transaction with medium confidence. Review required.
  10. Vendor payment intent — high-confidence intent detection of payment-related content. Review required.
Note: If none of the ten checks triggers, the call is approved automatically.

The review queue

When the gate returns Review required, the call still completes and your app gets the AI response. However:

  • The response includes the header X-Zelyx-Review-Required: true.
  • The call appears in the Gate dashboard under Pending reviews.
  • The spend counts against your budget: the call reached the provider, so it consumed tokens and incurred cost.

A workspace manager or team lead can review flagged calls on the Gate page and mark them as approved or rejected. Rejection is informational — it does not reverse the cost or undo the call.

Reading the header in your code

If your app needs to handle review-required differently (e.g. hold the response until a human approves), read the header from the raw response. A blocked call never reaches this point: the gate answers with 402 or 403 before the provider is contacted, and the OpenAI SDK raises an openai.APIStatusError instead of returning a body, so only approved and review-required calls have a response to inspect:

from openai import OpenAI, APIStatusError
# OpenAI-compatible client pointed at the Zelyx gateway (placeholders for your URL and key)
client = OpenAI(base_url=ZELYX_BASE_URL, api_key=ZELYX_API_KEY)
try:
    response_raw = client.chat.completions.with_raw_response.create(
        model="claude-opus-4-7",
        messages=messages,
    )
except APIStatusError as e:
    # Block decisions (402/403) raise before the provider is contacted; anything else is a real error
    if e.status_code not in (402, 403):
        raise
    handle_blocked(e)
else:
    # httpx header lookup is case-insensitive; the gate sets the value to the string "true"
    if response_raw.headers.get("X-Zelyx-Review-Required") == "true":
        # Flag for human review in your own system before acting on the output
        flag_for_review(response_raw.parse())
    else:
        act_on(response_raw.parse())

Shadow mode

Shadow mode runs all gate checks but never blocks. Every call that would have been blocked or flagged is recorded as a shadow decision, but the call proceeds normally.

Use shadow mode to:

  • Understand what the gate would do before enabling enforcement
  • Tune budgets and policies without disrupting your team
  • Identify false positives before going live

Enable shadow mode in Settings. Results are visible on the Gate page under Shadow mode results, broken down by reason.

Warning: Shadow mode disables all budget enforcement. Real spend will accumulate without limits. Set a reasonable company budget before disabling shadow mode.
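The following is an added reference model of the gate's decision order and of shadow mode, written for this page; it is not Zelyx's implementation. It exists to make two behaviours concrete: that the first check to trigger wins, so a block check early in the list hides a review check later in it, and that shadow mode still runs every check but records the suppressed decision and lets the call through. Everything below the constants is an assumption of the example: the payment-pattern and intent detectors are keyword stubs standing in for the real classifiers, the cost estimate is taken as an input rather than computed, company/team/project budgets are collapsed into one daily figure, the overage policy is reduced to a boolean, and caps are treated as exhausted at or above the cap.

```python
"""Reference model of the gate's ten checks (constructed example, not Zelyx's code)."""
from dataclasses import dataclass, field
from typing import Optional

APPROVE, BLOCK, REVIEW = "Approve", "Block", "Review required"

# Assumed keyword stand-ins for the gate's risk and intent detectors.
HIGH_RISK_TOOLS = {"charge_card", "send_payment", "transfer_funds"}
MEDIUM_RISK_TOOLS = {"create_invoice", "issue_refund", "checkout"}
PAYMENT_INTENT_PHRASES = ("pay the vendor", "wire the", "remit payment")
PREMIUM_MODEL_PREFIXES = ("claude-opus", "gpt-4")
PREMIUM_COST_THRESHOLD = 0.005  # USD, from the page


@dataclass
class Request:
    model: str
    max_tokens: int
    tools: list = field(default_factory=list)  # tool names offered to the model
    text: str = ""                              # prompt content, for intent detection
    est_cost: float = 0.0                       # pre-computed cost estimate, USD (assumed input)


@dataclass
class KeyPolicy:
    per_call_max_tokens: int
    allow_list: Optional[set] = None  # None means the key has no allow list
    block_list: set = field(default_factory=set)


@dataclass
class SpendState:
    session_spent: float
    session_cap: float
    daily_spent: float          # company/team/project budget collapsed to one number
    daily_cap: float
    overage_allowed: bool = False
    model_spent: dict = field(default_factory=dict)  # model -> spent today
    model_cap: dict = field(default_factory=dict)    # model -> daily cap
    paused_models: set = field(default_factory=set)


@dataclass
class Decision:
    decision: str
    http: Optional[int]              # None: whatever status the provider returns
    reason: str
    shadow_of: Optional[str] = None  # shadow mode: the decision that was suppressed


def _first_triggered_check(req: Request, key: KeyPolicy, st: SpendState) -> Decision:
    """Runs the checks in the documented order; the first one that triggers wins."""
    if st.session_spent >= st.session_cap:                               # 1
        return Decision(BLOCK, 402, "session_limit")
    if any(t in HIGH_RISK_TOOLS for t in req.tools):                      # 2
        return Decision(BLOCK, 403, "high_risk_payment_pattern")
    if (req.model in st.paused_models                                     # 3
            or st.model_spent.get(req.model, 0.0) >= st.model_cap.get(req.model, float("inf"))):
        return Decision(BLOCK, 402, "per_model_budget")
    if req.model in key.block_list:                                       # 4
        return Decision(BLOCK, 403, "model_blocked")
    if key.allow_list is not None and req.model not in key.allow_list:    # 5
        return Decision(BLOCK, 403, "model_not_allowed")
    if req.max_tokens > key.per_call_max_tokens:                          # 6
        return Decision(BLOCK, 403, "max_tokens_exceeded")
    if st.daily_spent >= st.daily_cap and not st.overage_allowed:         # 7
        return Decision(BLOCK, 402, "daily_budget_exceeded")
    if req.model.startswith(PREMIUM_MODEL_PREFIXES) and req.est_cost > PREMIUM_COST_THRESHOLD:  # 8
        return Decision(REVIEW, 200, "premium_model_high_cost")
    if any(t in MEDIUM_RISK_TOOLS for t in req.tools):                    # 9
        return Decision(REVIEW, 200, "medium_risk_payment_pattern")
    if any(p in req.text.lower() for p in PAYMENT_INTENT_PHRASES):        # 10
        return Decision(REVIEW, 200, "vendor_payment_intent")
    return Decision(APPROVE, None, "none")


def evaluate(req: Request, key: KeyPolicy, st: SpendState, shadow: bool = False) -> Decision:
    """Enforcement mode returns the triggered decision; shadow mode records it and approves."""
    d = _first_triggered_check(req, key, st)
    if shadow and d.decision != APPROVE:
        # Shadow mode: the call proceeds normally, the would-be decision is kept for the dashboard.
        return Decision(APPROVE, None, d.reason, shadow_of=d.decision)
    return d
```

The interesting cases to run are the ones the ordering implies: a claude-opus request with a high cost estimate is only a review, but the same request with max_tokens over the key's limit is a 403 block and the review check never runs; a request whose session is already over its cap is a 402 regardless of any model rule; and with overage allowed on the daily budget, check 7 passes and the payment-intent check can still flag the call for review.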