Let your LLM take real-world actions — without giving it the last word

Most "AI agent" tutorials wire the model straight to execution:

user asks → model decides → system runs

That's fine for a demo. It's dangerous the moment an action can charge a card,

send over a paid channel, publish content, or breach a plan limit. "The model

decided" is not an acceptable audit trail.