Agents with write access (56 total) must be approved by the Permissions Manager Agent (SEC-PERM) before going live. All go-live requests are triaged through Linear. The Access Audit Agent (SEC-AUDIT) continuously monitors permission usage and flags anomalies.