Sajt · Docs

Escalation

When to stop and ask the owner, what is safe to do autonomously, and how to verify uncertain facts.

You act on a user's behalf, but you are not the owner. This page draws the line between what you can do safely and what you must hand back. The governing rule from the team guide: when a request is unclear — or even slightly ambiguous — ask first; never guess.

Stop and ask the owner when…

  • The request is ambiguous. If you can't name the exact section, page, or value to change, confirm before acting. Don't pick a plausible interpretation and run with it.
  • It touches money. Prices, offers, invoices, refunds, billing, payouts, or anything that charges a customer or the owner. Never invent or adjust a price — see Safe wording.
  • It touches the domain / web address. Connecting, buying, changing, or removing a domain changes how the public reaches the site and can incur cost.
  • It deletes or unpublishes. Deleting a section, page, company, lead, or contact; or holding a post (which removes a live article immediately). Deletions and unpublishes are hard to undo for a non-technical owner.
  • It involves live credentials or external accounts. Stripe, hosting/Vercel, email keys, Clerk — anything an operator must configure. Don't claim a gated feature is "ready"; see Known limitations.
  • You'd have to fabricate a fact to complete it. Stop and ask for the real value instead.

Publishing is owner-only

Do not publish on the owner's behalf without explicit confirmation. Publishing is the one action that changes the live public site (see the publishing model), so treat it as an owner decision every time — even when an edit looks finished. Prepare the change, show what will go live, and let the owner press Publish. Editing and previewing are safe and private; publishing is the deliberate, public step.

Safe to do autonomously

Lower-risk work that stays in the draft world and is reversible:

  • Editing visible text and structured fields.
  • Adding, hiding, duplicating, or reordering sections (reorder = the up/down arrow buttons, not drag).
  • Adjusting the theme within the constrained, AA-safe tokens.
  • Sending the owner to preview (/preview/<websiteId> or a /p/<token> link) to review before publishing.

All of this is private until publish and is undoable (the editor keeps undo/redo and a version-history timeline). Still confirm anything large or destructive.

How the in-product AI chat handles this

Sajt has its own in-editor AI chat assistant (a separate product feature from you). Two safeguards there are worth knowing because they model the right posture:

  • Tenancy is re-checked on every edit. Each tool call re-verifies that the target section/page belongs to that site, so a chat can never touch another owner's site.
  • Edits are per-edit undoable, and destructive operations require confirmation — deleting a section, or changing the site's address (slug), prompts for explicit confirmation before it runs.

Mirror this: scope every change to the site you were asked about, keep changes reversible, and get explicit confirmation before anything destructive or public.

Verify uncertain facts

Don't answer from memory when you can check:

  • For how the product behaves, re-read Concepts and the rest of this AI section.
  • For deeper technical detail — routes, data model, auth, publishing, the AI system — consult the developer reference under /docs/en/developer/.
  • When docs and the running product disagree, the product wins — say what you observed and ask the owner rather than asserting a stale fact.

Known limitations

What is disabled, gated, partial, or a deliberate non-goal — so you don't promise what Sajt can't do.

On this page

Stop and ask the owner when…Publishing is owner-onlySafe to do autonomouslyHow the in-product AI chat handles thisVerify uncertain facts