Verified reference build · not client work

02 / HUMAN CONTROL

Document Gate

An AI-shaped document intake workflow that separates extraction from policy, routes uncertainty to a person, and keeps every downstream action disabled.

Automated tests
7
Seeded scenarios
5
External actions
0

THE OPERATIONAL PROBLEM

Extraction is only the first decision.

A document can be readable and still be unsafe to process. Low confidence, missing fields, arithmetic mismatches, duplicates, and high-value items need explicit rules and accountable review before another system is allowed to act.

CONTROL PATH

Probabilistic input. Deterministic boundary.

  1. 01
    Extract

    Return typed fields and field-level confidence from synthetic input.

  2. 02
    Check

    Apply required-field, arithmetic, duplicate, and high-value rules.

  3. 03
    Review

    Require a human decision and note when policy or confidence demands it.

  4. 04
    Stop

    Record the decision locally and return downstream_action: none.

VERIFICATION EVIDENCE

What was actually checked.

  • 7 automated tests passHealth, extraction, mandatory review, low-confidence routing, mismatch detection, duplicate blocking, and local-only decisions.
  • 5 scenarios are reproducibleClean extraction, low confidence, total mismatch, high value, and duplicate input.
  • Interactive review was exercisedA total-mismatch case displayed its policy signal, accepted a reviewer note, and recorded local approval.
  • Zero external actionsApproval does not pay, email, post to accounting software, or write to any external service.
  • Reproducible packageFastAPI, SQLite, synthetic data, non-root Docker user, and a container healthcheck.

HONEST LIMITS

This proves a review boundary—not model accuracy.

Document Gate does not prove extraction accuracy on real documents, regulatory compliance, production security, or compatibility with a client system. Those require authorised representative data, calibrated evaluation, authenticated roles, safe file handling, tenant isolation, protected audit events, and a separately approved downstream connector.

SIMILAR BOTTLENECK?

Automate the routine. Expose the judgment.

Start with one document class, its exception rules, and an explicit downstream boundary.

Discuss the workflow