COMMAND APPROVAL

Review every command before it runs.

Every script, every query, every kubectl apply, held for human review with full context and AI risk analysis. Approve in Slack. Schedule for the maintenance window. Deny with feedback. Nothing executes without explicit approval.

See command approval in actionGet started free →
prod-db
$hoop exec prod-db -i "
AI Risk Analysisin-transit
Table users: 2.4M rows, 18 indexes
WHERE clause matches 1 row (safe scope)
Column status has CHECK constraint
Risk: LOW. Route to DBA on-call.
#
#dba-approvalsjust now
@alice requested on prod-db
UPDATE users SET status = 'inactive' WHERE id = 123
AI: LOW risk. 1 row affected. CHECK constraint on status column.
hoop

The problem

Your most strategic engineers are copying and pasting scripts from Slack.

As teams grow, production access concentrates in a few senior people. Every database migration, every config change, every hotfix, routed through the same engineers. They stop building and start executing other people's scripts. It starts as a few requests a day. It ends as a full-time job.

01Script received in Slack0 min
02Senior engineer reviews+12 min
03Copy-paste to terminal+3 min
04Verify target environment+5 min
05Execute and report back+4 min
06Next request already waiting+0 min

~24 min per request. 15+ requests/day. One engineer gone.

HOW IT WORKS

Submit. Route. Review. Execute.

Hoop replaces the Slack back-and-forth with a structured approval flow. The person who needs the command executed submits it directly. Hoop routes it to the right approver with full context. No copy-pasting. No ambiguity about which environment. No lost scripts in thread replies.

01User submits a command

Through the Hoop web terminal, CLI, API, or Jira ticket. The command is held. Nothing executes yet.

02Right person, right channel

Hoop routes the request to the correct approver based on resource, team, and escalation rules. Slack, Teams, or a Jira ticket with the right assignee.

03Full context, AI risk analysis

The approver sees who is requesting, which resource, and the exact command. An LLM risk analysis flags schema impact, table sizes, and potential issues before the human even looks.

04Approve, deny, or schedule

Approve for immediate execution, deny with feedback, or approve with a time window. "Run this at 2 AM during the maintenance window." The user gets a real-time notification either way.

INTEGRATIONS

Approval happens where your team already works.

Hoop fits into your existing workflow, whether that's Slack threads, Teams channels, or Jira tickets with established change management processes. No new tool for approvers to learn. No new dashboard to check.

Slack & Teams

Approval requests land in the right channel with full context. Approvers click a button. No context switching, no login required. Real-time notification back to the requester.

Jira

For teams with established change management workflows. Hoop runs headless: tickets are created in Jira with the script, routed through your existing approval process, and executed automatically on approval.

Web & API

The Hoop web app shows every pending request with full session context. The API lets you build custom approval workflows or integrate with internal tools.

AI RISK ANALYSIS

The approver sees the risk before reading the script.

Hoop attaches an AI-generated risk analysis to every approval request. The LLM has access to infrastructure context like schema, table sizes, and active connections, flagging potential issues before the human reviewer even opens the request. A DELETE on a 200M-row table gets flagged differently than a DELETE on a 50-row config table.

risk-analysis

DELETE FROM orders WHERE created_at < '2024-01-01'

High riskAI analysis

Table orders has 47.2M rows

WHERE clause matches ~12.1M rows (25.6%)

No transaction wrapper detected

Consider: batch delete with LIMIT

WHEN TO USE WHAT

Command-level control or time-window access. Choose per resource.

Command Approval and Just-in-Time Access solve different problems. Use Command Approval for write operations and sensitive queries. Use JIT for debugging sessions and read-only access. Most teams use both.

Command Approval

Scope

Each command reviewed individually

Best for

Write operations, migrations, hotfixes

Security

Highest. Nothing runs without explicit approval

Overhead

Higher, but AI risk analysis reduces reviewer load

Just-in-Time Access

Scope

Time window. All commands allowed during the session

Best for

Debugging sessions, read-only access, on-call

Security

High. Access is temporary, not permanent

Overhead

Lower. One approval per session, not per command

ORGANIZATIONAL IMPACT

From manual script execution to automated approval workflows.

Every approval, every denial, every scheduled execution becomes audit evidence automatically. Your SRE team gets their time back. Your compliance team gets the trail they need.

Senior engineers recovered 6+ hours/week from manual script execution
Median approval time dropped from 24 minutes to 47 seconds
Every command logged with requester, approver, risk score, and timestamp
Approval Workflow ROILast 30 days
Manual Process
Engineer requests access0:00
Slack message to manager...
Manager sees notification+12 min
Escalation to security team+28 min
Manual review & approval+47 min
With Hoop
Command detected by gateway0:00
Slack notification sent+2s
Context + risk level shown+3s
One-click approve/reject+34s
1,200 approval cycles × 46 min saved = 0 hours returned to engineering

How many hours does your team spend executing other people's scripts?

Most teams don't track it until they realize a senior engineer is spending half their week on it. We can show you the impact in your first week.

Get a demo →Get started free →