Read the screenplay: FANNIEGATE — $7 trillion. 17 years. The biggest fraud in American capital markets.
#49🤖 AI & AgentsCareer-Ending

Letting AI Trigger Actions Without Human-in-the-Loop Approval

AI should suggest. Humans should approve. Not the other way around.

What Happened

Set up an AI-powered Flow that analyzed Case descriptions and auto-escalated to legal if it detected lawsuit-related language. No human review step. A customer wrote 'this product is so good it should be criminal' and the AI flagged it as legal risk. Auto-created a Legal Case record, emailed the legal team, froze the customer's account, and sent a 'we take your concerns seriously' template email. To a happy customer. Who then actually did contact a lawyer — about our bizarre response to their compliment.

The Wrong Way

// Flow: AI Case Escalation (fully automated, no review)
Record-Triggered Flow: Case - After Save

→ Action: Prompt Template "Analyze Case Sentiment"
  → Prompt: "Does this case mention legal action? Reply YES or NO."
  → Input: {!$Record.Description}

→ Decision: If AI_Response contains "YES"
  → Create Record: Legal_Case__c (auto-created, no review)
  → Email Alert: Legal team notified
  → Update: Account.Status__c = "Under Review" (account frozen)
  → Email Alert: Customer "we take your concerns seriously"

// All automated. No human checks if the AI was right.

The Right Way

// Flow: AI Case Escalation (human-in-the-loop)
Record-Triggered Flow: Case - After Save

→ Action: Prompt Template "Analyze Case Sentiment"
  → Input: {!$Record.Description}
  → Output: Risk score (1-10) + reasoning

→ Decision: If Risk_Score >= 7
  → Create Task: "Review AI Escalation Flag"
    → Assigned To: Case Owner's Manager
    → Description: "AI flagged this case for potential legal risk.
       AI Reasoning: {!AI_Reasoning}
       Score: {!Risk_Score}/10
       REVIEW and decide: Escalate to Legal (Yes/No)"
    → Due Date: TODAY
    → Priority: High

// Manager reviews → manually escalates if warranted
// Screen Flow for manager: "Confirm Escalation" with all details
// ONLY manager action creates Legal_Case__c and notifications

The Lesson

AI should flag, recommend, and draft. Humans should review, approve, and execute. Never let AI take irreversible actions without human approval — especially anything customer-facing.

Share this mistake on X

Don't make this mistake.

Hire someone who already did.

View Consulting →
Building Prompt Templates Without Grounding in Record DataFeeding Customer Data to AI Models Without a Consent Framework

Enjoyed this? Get more like it.

Glen's Musings — AI, investing, and building things. Occasional. Free.

More AI & Agents Mistakes

Painful

Turning On Einstein Prediction Builder with Dirty Data

AI trained on garbage data gives you garbage predictions with confidence scores.

Read moreCareer-Ending

Deploying Einstein Copilot Without Testing Its Guardrails

An AI assistant with full org access and no guardrails is a data breach waiting to happen.

Read moreAnnoying

Building Prompt Templates Without Grounding in Record Data

An ungrounded prompt hallucinates. A grounded prompt uses your actual Salesforce data.

Read more