An AI Agent is a model, a prompt, a reference library, and a permission boundary. All four matter.

Why it matters

The promise of AI in compliance review is significant. So is the risk if it is deployed badly. A single fixed model, a fixed prompt, no reference material, no permission control, no audit trail: that is a tool, not an Agent. It does not match the work, it does not respect your governance, and it leaves your team exposed when something goes wrong.

The best automated platforms for creative approval routing do it differently. Aproove's approach treats AI as a configurable capability that has to fit the structure of your review program. The four ingredients above are the mechanism that lets you build Agents your team can trust: each one tuned to a specific task, each one drawing on the right reference material, each one bounded by who should be able to use it, each one auditable after the fact.

The result is AI that scales without losing the controls your compliance, brand, and legal stakeholders require.

Anatomy of an agent

Provider and Model. The Provider layer manages the connection to the underlying AI engine: API key, endpoint, and model selection. Aproove ships with off-the-shelf integrations into both OpenAI and Anthropic, so you can run Agents on the frontier model of your choice (GPT, Claude, and the models these providers continue to release). Beyond off-the-shelf, the platform supports connections to custom LLMs, in-house LLMs, and self-hosted models, giving you the flexibility to run Agents on whatever inference layer your organization standardizes on. Each Agent is designated to one model, but different Agents can use different models: a brand specialist might run on one frontier model while a legal disclosure check runs on another. You can also point Aproove at customer-controlled API keys, your own enterprise tenant, or, through Professional Services, an Aproove-tuned custom model.

Prompt Template. This is the core instruction set: the specific job the Agent is asked to do. It includes a system prompt (the static framework, behavior, tone, constraints) and a user input layer (the variable data the Agent reacts to, like the proof's text content, image data, or page list). Aproove provides a library of system tags so prompts can dynamically pull in the right slice of the file at runtime.

Reference Files. The persistent knowledge an Agent draws on. A style guide, a brand book, a regulatory framework, a list of approved claims, a banned-words list. Reference files can be PDFs, DOCX, spreadsheets, JSON, or images, up to 512 MB. They can be persistent (loaded once, used across many Agents) or temporary (loaded at runtime per project). This is how you teach an Agent your standards.

Permission Boundary. Agents are grouped into Prompt Template Sets, which are assigned to Roles at the schema level. A user can only see and invoke the Agents that their Role permits. Permissions apply to user, role, or team, and are independent of file-level review permissions: an Agent's reach is configured separately from a reviewer's reach.

Context. Where the Agent runs. Proof context invokes an Agent against a single proof in the Review Interface. Section context runs the Agent across multiple proofs at once from Proof Plan View, with parallel execution (forking) for high-volume cycles.

Delegated or automated

Every AI agent for compliance in Aproove can be configured for one of two interaction patterns. This is a configuration choice that shapes how humans see and use the product.

Delegated to humans. The Agent is available as an on-demand option in the Review Interface or Proof Plan View. A reviewer with the right permissions decides when to call it. They open a file, judge that they need a brand check or a compliance scan, and run the Agent. Findings appear immediately for the reviewer to act on. This pattern keeps reviewers in the driver's seat and makes AI a tool they reach for when they want it.

Automated in the workflow. The Agent is built directly into a Workflow Action. Files entering that step are scanned automatically. Tags and Notes are applied to the file before any human opens it. Humans inherit the file with the briefing already in hand, see what was flagged and where, and triage from there. This pattern frees reviewers from having to know which Agent to call, and it ensures critical scans (a regulatory check on every campaign asset, a brand check on every market variant) cannot be skipped.

The same Agent can be delegated for one team and automated for another. The same workflow can mix both patterns at different stages: an automated pre-screen at intake, a delegated specialist review at mid-cycle, an automated final compliance check before approval.

The choice changes the reviewer experience materially:

• A reviewer working with a delegated Agent chooses when AI enters the picture.
• A reviewer working downstream of an automated Agent opens every file with AI's first pass already on the page.

Both modes sit inside the same governance framework: same permissions, same audit trail, same [AI GENERATED] tagging on all outputs. Your administrators decide which mode fits which workflow.

How it works in practice

For administrators:

1. Configure a Provider. Connect your AI engine (OpenAI, Anthropic, or your own model endpoint), specify API key and endpoint, and select the models available to your Agents.
2. Write the Prompt Template. Define the Agent's job: what it should look for, what it should produce, what tone and constraints apply.
3. Add Reference Files. Upload the persistent knowledge the Agent should consult, like your brand guide or compliance framework.
4. Group into a Prompt Template Set. Bundle related Agents and assign them to Roles at the schema level. Users in those Roles inherit access.
5. Decide delegated or automated. Configure each Agent for human invocation, build it into a workflow as an automated Action, or both.
6. Test and tune. Adjust the prompt, the model, the temperature, and the reference material until the Agent meets your quality bar.

For reviewers (delegated pattern):

1. Open a proof. Aproove shows the Agents available to your role.
2. Invoke the Agent. Run it against the full proof or a specific selection. Use Section context to fan an Agent across multiple proofs in parallel.
3. Review the findings. AI-generated Notes appear on the components the Agent analyzed, prefixed with [AI GENERATED], with severity Tags and suggested resolutions.
4. Decide. Confirm, edit, override, or escalate. Your decisions land in the audit trail.

For reviewers (automated pattern):

1. Pick up your task. The file arrives in your queue with Agent findings already in place.
2. Use the briefing. Tags and Notes from the upstream Agent are visible on the proof, telling you where to look first.
3. Review and decide. Confirm, edit, override, or escalate the Agent's findings, and add your own analysis.
4. Move the file forward. Your decisions and any new annotations join the audit trail.

Built for trust

A few details worth calling out, because they are how Aproove keeps AI deployable in regulated environments:

• AI-generated Notes are always tagged. The [AI GENERATED] prefix is automatic and cannot be hidden. Reviewers always know what came from an Agent.
• Notes are attributed to a human. Accountability stays with people. Whether the Agent ran on demand or as a workflow action, every Note is recorded against the human associated with that step.
• Generation Jobs capture every run. Every Agent invocation is logged, including the raw API call and provider cost data tied to the API key. Spend is transparent.
• Permissions are independent of human review permissions. An Agent can be tightly scoped to a small set of users even when the underlying file is broadly accessible. The reverse is also true.

Agents are governed at the schema level. Adding, removing, or changing an Agent's reach is a configuration change, not a code deployment.

Benefits

• One Agent per task. Different Agents for brand, legal, regulatory, and compliance work. Each tuned to its specific job, each with its own model, prompt, and reference material.
• Bring your knowledge with you. Your style guide, your compliance rules, your brand book, all loaded as reference material that Agents consult on every run.
• Reviewers stay in control. Every Agent finding is reviewable, editable, and overridable. The human makes the call.
• Delegated or automated, your choice. Configure the same Agent to be human-invoked for some teams and workflow-automated for others. The platform adapts to how each team works.
• Cost is transparent. Generation Jobs surface what each run costs and which Agent is running on which model. Budget conversations get easier.
• Permissions match your governance. Who can use an Agent, who can see its outputs, and who can change its configuration are all controlled at the role and team level.‍
• Parallel execution at scale. Forking lets a single Agent run across many proofs at once, useful for catalog-scale or campaign-scale review.

Who it's for

• Compliance, legal, and regulatory leaders who need AI in their review process but cannot accept ungoverned tools.
• Brand and creative governance teams building Agents that enforce brand consistency.
• Aproove administrators configuring the platform's AI capabilities for specific business contexts.
• Reviewers and SMEs who want better-briefed reviews without giving up final authority.
• IT and security teams evaluating AI deployment in regulated environments.

Under the hood

Aproove's AI Agent framework is structured in four layers: Providers (AI engine connection, model selection, API key management, output token controls), Prompt Templates (system role input, user input, temperature, request timeout, context binding), Prompt Template Sets (permission grouping at the schema level), and Reference Files (persistent or temporary knowledge stores up to 512 MB across PDF, DOCX, spreadsheet, JSON, and image formats). The platform ships with off-the-shelf integrations to OpenAI and Anthropic, with additional support for customer-managed connections to custom LLMs, in-house LLMs, and self-hosted models. Agent invocation runs against the structured file representation produced at upload, including text content, metadata, image data, and pixel-level dimensions, with system tags available to dynamically pull file content into prompts at runtime. Outputs are written back as Notes prefixed with [AI GENERATED] and attributed to the associated user, with optional Tags for severity and category. Every run is captured in Generation Jobs, which records the full API call and pulls cost data directly from the provider. AI requests transmit only the minimum necessary structured data over encrypted channels (TLS 1.2+), and inference is transactional and not used for upstream model training when running through enterprise endpoints.