51 rules our machines are never allowed to break
July 10, 2026 · 6 min · Daniel Lewis
Every automation engine we ship carries a written guardrail library, fifty-one rules the machine physically cannot violate no matter who’s operating it. Here are a few of them, and why they exist.
The fastest way to ruin a small business with automation is to automate its mistakes. A machine that texts customers without consent doesn’t get a warning, it gets class action lawyers. A review system that quietly filters out unhappy customers doesn’t get caught right away, it earns a federal fine of $51,000 per violation eventually. The real danger isn’t a machine that breaks, it’s one that keeps working at volume while it does the wrong thing.
So every engine we build ships with guardrails baked into the workflow itself, rather than into a training document or a salesperson’s memory. There are fifty-one of them, written down, versioned, and enforced by the machine’s own plumbing. Here are the ones that do the most work.
A person approves every send
Our outreach engines write drafts and stop there. A person, usually the owner, reads each one and decides whether it goes out. This costs us speed and we’re fine with that, because the first cold email a prospect receives from your company is your reputation sitting in someone else’s inbox. A related rule caps follow-up at exactly one polite note for non-responders, with a daily limit, so there’s no drip sequence and nothing escalates when someone stays quiet. Silence pauses the machine instead of provoking it.
No review gating, ever, anywhere
Every customer gets the review link, happy or not. Unhappy customers also get a direct line to the owner, so problems reach him before they reach Google. The link itself is never withheld, because deciding who gets asked is review gating, the FTC fines it per violation, and Google suspends profiles over it. The honest version also happens to sell better, since a promise that your phone rings before Google ever hears about a problem beats a gamed star average.
AI reads the documents, code makes the decisions
Our machines use AI to read things like invoices, nameplates, and customer replies. They don’t let AI decide anything that has to be exactly right. A serial number’s manufacture year comes from a hand-built rules table maintained per brand, because a language model asked to decode a serial will return a confident wrong answer, and a replacement pitch fired at a four-year-old air conditioner is a credibility killer with the client’s name on it. Anything the rules can’t parse gets flagged as unknown, and unknown is never scored, pitched, or mailed.
The same discipline applies to words. AI never writes warranty language, guarantees, or coverage promises. Those come from fixed templates the machine selects, because a single hallucinated line promising two-year parts and labor is a written commitment somebody has to honor or litigate.
A monitor must not certify itself
One of our products checks a business’s Google listing every day, and the rule here is that a self-hosted machine can’t be trusted to report its own outage. So the watcher is itself watched by an external dead-man’s switch, and the monthly all-clear email counts the checks that actually executed, pulled straight from the log, never a hardcoded claim that we checked 31 times. If we ever tell you your listing was watched every day, it’s because a system we don’t control agrees.
Why publish any of this
We publish it because the guardrails are the product. Anyone can wire an API to a spreadsheet. The hard part is knowing where the $10,000 fines, the carrier blocks, and the trust-killing wrong letters live, then building the machine so those mistakes are structurally impossible. Fifty-one rules is what that knowledge looks like once it’s written down, and when you buy an engine from us they come pre-installed, which means you can’t accidentally violate them either.
Disagree with any of it? Good. Bring a calculator.