Safety & control

NotFair is predictable, logged, and reversible by design. The agent is smart; the substrate is boring on purpose.

Approvals

Write tools never fire silently. Your client shows the proposed change and the current value; nothing hits the upstream API until you confirm. Reads are open; writes are gated.

Change log & undo

Every applied change lands in an operations log with who, what, and before/after values. Reversible actions can be unwound from the operations view.

Per-account access control

After OAuth you pick the exact accounts NotFair may touch — only those are exposed. See Account scoping.

Guardrails

Bid, budget, and bulk-pause changes run inside configurable limits, so a single instruction can’t exceed a sane blast radius.

Rate limits & usage

Each platform has its own upstream rate limits, scoped per account; NotFair also applies its own per-workspace usage limits. Hitting a limit returns a clear, retryable error rather than a silent failure.