feat(platform): implement graph-level Safe Mode toggle for HITL blocks

## Summary

- Add graph-level `safe_mode` metadata field with auto-detection of HITL blocks
- Create floating Safe Mode toggle component with dual variants (builder/library)
- Update backend to accept `safe_mode` parameter in execution calls
- Fix hardcoded safe mode values throughout frontend codebase
- Enhance FloatingReviewsPanel with proper execution status detection

## Backend Changes

- **Database**: Add `metadata` JSON column to `AgentGraph` table
- **API**: Update `execute_graph` endpoint to accept `safe_mode` parameter
- **Execution**: Use graph metadata `safe_mode` as default, with API override capability
- **Auto-detection**: Populate `has_human_in_the_loop` for graphs containing HITL blocks
- **Utils**: Enhance execution context to prioritize API `safe_mode` over graph metadata

## Frontend Changes

- **Component**: New `FloatingSafeModeToggle` with white (library) and black (builder) variants
- **Integration**: Added toggles to new/old builders and library pages
- **API Integration**: Direct graph metadata updates via `usePutV1UpdateGraphVersion`
- **Query Management**: Optimistic updates with React Query cache invalidation
- **Styling**: Proper positioning and z-index handling for floating elements

## Technical Details

- Safe Mode ON (default): HITL blocks require manual review before proceeding
- Safe Mode OFF: HITL blocks execute automatically without intervention
- Toggle only appears when graph contains HITL blocks (`has_human_in_the_loop: true`)
- Backend API takes precedence over graph metadata for execution-time behavior
- React Query cache management ensures UI consistency across components

## Known Issues (WIP)

- Tooltip z-index still covered by some UI elements
- Toggle state not persisting correctly (always shows ON)
- Error when removing HITL blocks from graph

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <[email protected]>

Author: majdyz

autogpt_platform/backend/backend/blocks/human_in_the_loop.py

@@ -10,7 +10,7 @@
     BlockSchemaInput,
     BlockSchemaOutput,
 )
-from backend.data.execution import ExecutionStatus
+from backend.data.execution import ExecutionContext, ExecutionStatus
 from backend.data.human_review import ReviewResult
 from backend.data.model import SchemaField
 from backend.executor.manager import async_update_node_execution_status
@@ -92,17 +92,30 @@ async def run(
         graph_exec_id: str,
         graph_id: str,
         graph_version: int,
+        execution_context: ExecutionContext,
         **kwargs,
     ) -> BlockOutput:
         """
         Execute the Human In The Loop block.
 
         This method uses one function to handle the complete workflow - checking existing reviews
         and creating pending ones as needed.
+
+        If safe_mode is disabled in execution_context, this block will automatically approve
+        the data without requiring human intervention.
         """
-        try:
-            logger.debug(f"HITL block executing for node {node_exec_id}")
+        # Check if safe mode is disabled
+        if not execution_context.safe_mode:
+            logger.info(
+                f"HITL block skipping review for node {node_exec_id} - safe mode disabled"
+            )
+            # Automatically approve the data
+            yield "status", "approved"
+            yield "reviewed_data", input_data.data
+            yield "review_message", "Auto-approved (safe mode disabled)"
+            return
 
+        try:
             # Use the data layer to handle the complete workflow
             db_client = get_database_manager_async_client()
             result = await db_client.get_or_create_human_review(

autogpt_platform/backend/backend/blocks/time_blocks.py

@@ -14,7 +14,7 @@
     BlockSchemaInput,
     BlockSchemaOutput,
 )
-from backend.data.execution import UserContext
+from backend.data.execution import ExecutionContext
 from backend.data.model import SchemaField
 
 # Shared timezone literal type for all time/date blocks
@@ -188,10 +188,10 @@ def __init__(self):
         )
 
     async def run(
-        self, input_data: Input, *, user_context: UserContext, **kwargs
+        self, input_data: Input, *, execution_context: ExecutionContext, **kwargs
     ) -> BlockOutput:
-        # Extract timezone from user_context (always present)
-        effective_timezone = user_context.timezone
+        # Extract timezone from execution_context (always present)
+        effective_timezone = execution_context.timezone
 
         # Get the appropriate timezone
         tz = _get_timezone(input_data.format_type, effective_timezone)
@@ -298,10 +298,10 @@ def __init__(self):
             ],
         )
 
-    async def run(self, input_data: Input, **kwargs) -> BlockOutput:
-        # Extract timezone from user_context (required keyword argument)
-        user_context: UserContext = kwargs["user_context"]
-        effective_timezone = user_context.timezone
+    async def run(
+        self, input_data: Input, *, execution_context: ExecutionContext, **kwargs
+    ) -> BlockOutput:
+        effective_timezone = execution_context.timezone
 
         try:
             offset = int(input_data.offset)
@@ -404,10 +404,10 @@ def __init__(self):
             ],
         )
 
-    async def run(self, input_data: Input, **kwargs) -> BlockOutput:
-        # Extract timezone from user_context (required keyword argument)
-        user_context: UserContext = kwargs["user_context"]
-        effective_timezone = user_context.timezone
+    async def run(
+        self, input_data: Input, *, execution_context: ExecutionContext, **kwargs
+    ) -> BlockOutput:
+        effective_timezone = execution_context.timezone
 
         # Get the appropriate timezone
         tz = _get_timezone(input_data.format_type, effective_timezone)

autogpt_platform/backend/backend/data/credit_test.py

@@ -7,7 +7,7 @@
 from backend.blocks.llm import AITextGeneratorBlock
 from backend.data.block import get_block
 from backend.data.credit import BetaUserCredit, UsageTransactionMetadata
-from backend.data.execution import NodeExecutionEntry, UserContext
+from backend.data.execution import NodeExecutionEntry
 from backend.data.user import DEFAULT_USER_ID
 from backend.executor.utils import block_usage_cost
 from backend.integrations.credentials_store import openai_credentials
@@ -86,7 +86,6 @@ async def test_block_credit_usage(server: SpinTestServer):
                     "type": openai_credentials.type,
                 },
             },
-            user_context=UserContext(timezone="UTC"),
         ),
     )
     assert spending_amount_1 > 0
@@ -101,7 +100,6 @@ async def test_block_credit_usage(server: SpinTestServer):
             node_exec_id="test_node_exec",
             block_id=AITextGeneratorBlock().id,
             inputs={"model": "gpt-4-turbo", "api_key": "owned_api_key"},
-            user_context=UserContext(timezone="UTC"),
         ),
     )
     assert spending_amount_2 == 0

autogpt_platform/backend/backend/data/execution.py

@@ -365,7 +365,7 @@ def from_db(_graph_exec: AgentGraphExecution):
 
     def to_graph_execution_entry(
         self,
-        user_context: "UserContext",
+        execution_context: "ExecutionContext",
         compiled_nodes_input_masks: Optional[NodesInputMasks] = None,
         parent_graph_exec_id: Optional[str] = None,
     ):
@@ -375,7 +375,7 @@ def to_graph_execution_entry(
             graph_version=self.graph_version or 0,
             graph_exec_id=self.id,
             nodes_input_masks=compiled_nodes_input_masks,
-            user_context=user_context,
+            execution_context=execution_context,
             parent_graph_exec_id=parent_graph_exec_id,
         )
 
@@ -449,7 +449,7 @@ def from_db(_node_exec: AgentNodeExecution, user_id: Optional[str] = None):
         )
 
     def to_node_execution_entry(
-        self, user_context: "UserContext"
+        self, execution_context: "ExecutionContext"
     ) -> "NodeExecutionEntry":
         return NodeExecutionEntry(
             user_id=self.user_id,
@@ -460,7 +460,7 @@ def to_node_execution_entry(
             node_id=self.node_id,
             block_id=self.block_id,
             inputs=self.input_data,
-            user_context=user_context,
+            execution_context=execution_context,
         )
 
 
@@ -1099,10 +1099,11 @@ async def get_latest_node_execution(
 # ----------------- Execution Infrastructure ----------------- #
 
 
-class UserContext(BaseModel):
-    """Generic user context for graph execution containing user-specific settings."""
+class ExecutionContext(BaseModel):
+    """Execution context containing user-specific settings and execution options."""
 
-    timezone: str
+    timezone: str = "UTC"
+    safe_mode: bool = True  # Default to safe mode ON
 
 
 class GraphExecutionEntry(BaseModel):
@@ -1111,8 +1112,8 @@ class GraphExecutionEntry(BaseModel):
     graph_id: str
     graph_version: int
     nodes_input_masks: Optional[NodesInputMasks] = None
-    user_context: UserContext
     parent_graph_exec_id: Optional[str] = None
+    execution_context: ExecutionContext = Field(default_factory=ExecutionContext)
 
 
 class NodeExecutionEntry(BaseModel):
@@ -1124,7 +1125,7 @@ class NodeExecutionEntry(BaseModel):
     node_id: str
     block_id: str
     inputs: BlockInput
-    user_context: UserContext
+    execution_context: ExecutionContext = Field(default_factory=ExecutionContext)
 
 
 class ExecutionQueue(Generic[T]):

autogpt_platform/backend/backend/data/graph.py

@@ -61,6 +61,13 @@
 logger = logging.getLogger(__name__)
 
 
+class GraphMetadata(BaseDbModel):
+    """Metadata for AgentGraph configuration options."""
+
+    safe_mode: bool = True  # Default to safe mode enabled
+    has_human_in_the_loop: bool = False  # Whether graph contains HITL blocks
+
+
 class Link(BaseDbModel):
     source_id: str
     sink_id: str
@@ -195,6 +202,7 @@ class BaseGraph(BaseDbModel):
     links: list[Link] = []
     forked_from_id: str | None = None
     forked_from_version: int | None = None
+    metadata: GraphMetadata = GraphMetadata()
 
     @computed_field
     @property
@@ -736,6 +744,9 @@ def from_db(
             description=graph.description or "",
             instructions=graph.instructions,
             recommended_schedule_cron=graph.recommendedScheduleCron,
+            metadata=GraphMetadata.model_validate(
+                graph.metadata if graph.metadata else {}
+            ),
             nodes=[NodeModel.from_db(node, for_export) for node in graph.Nodes or []],
             links=list(
                 {
@@ -1232,6 +1243,14 @@ async def fork_graph(graph_id: str, graph_version: int, user_id: str) -> GraphMo
 async def __create_graph(tx, graph: Graph, user_id: str):
     graphs = [graph] + graph.sub_graphs
 
+    # Auto-detect HITL blocks for metadata
+    for g in graphs:
+        has_hitl = any(
+            node.block_id == "8b2a7b3c-6e9d-4a5f-8c1b-2e3f4a5b6c7d" 
+            for node in g.nodes
+        )
+        g.metadata.has_human_in_the_loop = has_hitl
+
     await AgentGraph.prisma(tx).create_many(
         data=[
             AgentGraphCreateInput(
@@ -1244,6 +1263,7 @@ async def __create_graph(tx, graph: Graph, user_id: str):
                 userId=user_id,
                 forkedFromId=graph.forked_from_id,
                 forkedFromVersion=graph.forked_from_version,
+                metadata=SafeJson(graph.metadata.model_dump()),
             )
             for graph in graphs
         ]

autogpt_platform/backend/backend/data/human_review.py

@@ -121,27 +121,17 @@ async def get_or_create_human_review(
     if review.processed:
         return None
 
-    if review.status == ReviewStatus.APPROVED:
-        # Return the approved review result
-        return ReviewResult(
-            data=review.payload,
-            status=ReviewStatus.APPROVED,
-            message=review.reviewMessage or "",
-            processed=review.processed,
-            node_exec_id=review.nodeExecId,
-        )
-    elif review.status == ReviewStatus.REJECTED:
-        # Return the rejected review result
+    # If pending, return None to continue waiting, otherwise return the review result
+    if review.status == ReviewStatus.WAITING:
+        return None
+    else:
         return ReviewResult(
-            data=None,
-            status=ReviewStatus.REJECTED,
+            data=review.payload if review.status == ReviewStatus.APPROVED else None,
+            status=review.status,
             message=review.reviewMessage or "",
             processed=review.processed,
             node_exec_id=review.nodeExecId,
         )
-    else:
-        # Review is pending - return None to continue waiting
-        return None
 
 
 async def has_pending_reviews_for_graph_exec(graph_exec_id: str) -> bool:

autogpt_platform/backend/backend/executor/database.py

@@ -9,6 +9,7 @@
     get_block_error_stats,
     get_child_graph_executions,
     get_execution_kv_data,
+    get_graph_execution,
     get_graph_execution_meta,
     get_graph_executions,
     get_graph_executions_count,
@@ -130,6 +131,7 @@ def _(
     get_child_graph_executions = _(get_child_graph_executions)
     get_graph_executions = _(get_graph_executions)
     get_graph_executions_count = _(get_graph_executions_count)
+    get_graph_execution = _(get_graph_execution)
     get_graph_execution_meta = _(get_graph_execution_meta)
     create_graph_execution = _(create_graph_execution)
     get_node_execution = _(get_node_execution)
@@ -254,6 +256,7 @@ def get_service_type(cls):
     get_latest_node_execution = d.get_latest_node_execution
     get_graph = d.get_graph
     get_graph_metadata = d.get_graph_metadata
+    get_graph_execution = d.get_graph_execution
     get_graph_execution_meta = d.get_graph_execution_meta
     get_node = d.get_node
     get_node_execution = d.get_node_execution

autogpt_platform/backend/backend/executor/manager.py

@@ -29,14 +29,14 @@
 from backend.data.credit import UsageTransactionMetadata
 from backend.data.dynamic_fields import parse_execution_output
 from backend.data.execution import (
+    ExecutionContext,
     ExecutionQueue,
     ExecutionStatus,
     GraphExecution,
     GraphExecutionEntry,
     NodeExecutionEntry,
     NodeExecutionResult,
     NodesInputMasks,
-    UserContext,
 )
 from backend.data.graph import Link, Node
 from backend.data.model import GraphExecutionStats, NodeExecutionStats
@@ -212,8 +212,8 @@ async def execute_node(
         "user_id": user_id,
     }
 
-    # Add user context from NodeExecutionEntry
-    extra_exec_kwargs["user_context"] = data.user_context
+    # Add execution context from NodeExecutionEntry
+    extra_exec_kwargs["execution_context"] = data.execution_context
 
     # Last-minute fetch credentials + acquire a system-wide read-write lock to prevent
     # changes during execution. ⚠️ This means a set of credentials can only be used by
@@ -243,8 +243,12 @@ async def execute_node(
     scope.set_tag("node_id", node_id)
     scope.set_tag("block_name", node_block.name)
     scope.set_tag("block_id", node_block.id)
-    for k, v in (data.user_context or UserContext(timezone="UTC")).model_dump().items():
-        scope.set_tag(f"user_context.{k}", v)
+    for k, v in (
+        (data.execution_context or ExecutionContext(timezone="UTC"))
+        .model_dump()
+        .items()
+    ):
+        scope.set_tag(f"execution_context.{k}", v)
 
     try:
         async for output_name, output_data in node_block.execute(
@@ -289,7 +293,7 @@ async def _enqueue_next_nodes(
     graph_version: int,
     log_metadata: LogMetadata,
     nodes_input_masks: Optional[NodesInputMasks],
-    user_context: UserContext,
+    execution_context: ExecutionContext,
 ) -> list[NodeExecutionEntry]:
     async def add_enqueued_execution(
         node_exec_id: str, node_id: str, block_id: str, data: BlockInput
@@ -309,7 +313,7 @@ async def add_enqueued_execution(
             node_id=node_id,
             block_id=block_id,
             inputs=data,
-            user_context=user_context,
+            execution_context=execution_context,
         )
 
     async def register_next_executions(node_link: Link) -> list[NodeExecutionEntry]:
@@ -861,7 +865,9 @@ def _on_graph_execution(
                     ExecutionStatus.REVIEW,
                 ],
             ):
-                node_entry = node_exec.to_node_execution_entry(graph_exec.user_context)
+                node_entry = node_exec.to_node_execution_entry(
+                    graph_exec.execution_context
+                )
                 execution_queue.add(node_entry)
 
             # ------------------------------------------------------------
@@ -1165,7 +1171,7 @@ async def _process_node_output(
             graph_version=graph_exec.graph_version,
             log_metadata=log_metadata,
             nodes_input_masks=nodes_input_masks,
-            user_context=graph_exec.user_context,
+            execution_context=graph_exec.execution_context,
         ):
             execution_queue.add(next_execution)