The CMS API shouldn't give the agent publishing power from day one

    Max Västhav
    ai, build-in-public, cms, governance

    We just connected an AI agent to our CMS. It can create blog posts, fill in SEO metadata, generate FAQ sections, and handle translations.

    It cannot publish.

    That's a deliberate decision.

    The temptation: full automation immediately

    When you open an API for an AI agent, it's tempting to give it all permissions. Create, edit, publish, delete — why have a human in the loop if the agent can handle everything?

    The answer: because an agent operating without controls in a public system can do damage faster than you can discover it.

    What our agent is allowed to do

    In the first version of our CMS integration, the agent has four permissions:

    1. Create drafts — blog posts are saved as drafts, never published directly.
    2. Fill metadata — SEO title, description, focus keyword, FAQ items.
    3. Link translations — connect SV ↔ EN versions.
    4. Archive — move old content to archive.

    What the agent cannot do: publish, edit published content, delete published posts.
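
    One way to enforce this scope on the server, as an added example that is not the author's code: a deny-by-default check for the agent's API token. The action names, field names and `authorizeAgent` are hypothetical, and it assumes archiving is permitted in any state while metadata and translation changes apply to drafts only.

```javascript
// Phase 1 scope for the agent token: explicit allowlist, everything else denied.
// Action and field names are hypothetical, not taken from a real CMS API.
const AGENT_ACTIONS = new Set([
  "draft.create", "metadata.fill", "translation.link", "post.archive",
]);
// "status" and "publishedAt" are absent on purpose: a request body must not
// be able to carry a state change past the action check.
const AGENT_FIELDS = new Set([
  "title", "body", "slug", "locale", "translationOf",
  "seoTitle", "seoDescription", "focusKeyword", "faq",
]);

function authorizeAgent(action, post, payload = {}) {
  if (!AGENT_ACTIONS.has(action)) {
    return { allowed: false, reason: `action not granted: ${action}` };
  }
  const extra = Object.keys(payload).filter((k) => !AGENT_FIELDS.has(k));
  if (extra.length > 0) {
    return { allowed: false, reason: `field not writable: ${extra.join(", ")}` };
  }
  if (action === "draft.create") {
    // The server sets the status; the agent never chooses it.
    return { allowed: true, post: { ...payload, status: "draft" } };
  }
  if (!post) {
    return { allowed: false, reason: "target post not found" };
  }
  if (action === "post.archive") {
    // Assumption: archiving is allowed in any state and is reversible.
    return { allowed: true, post: { ...post, status: "archived" } };
  }
  // metadata.fill and translation.link change content, so drafts only.
  if (post.status !== "draft") {
    return { allowed: false, reason: `post is ${post.status}, agent edits drafts only` };
  }
  return { allowed: true, post: { ...post, ...payload } };
}

// Constructed sample requests.
const live = { id: 7, slug: "launch", status: "published" };
console.log(authorizeAgent("draft.create", null, { title: "Hi", status: "published" }));
console.log(authorizeAgent("post.publish", live));
console.log(authorizeAgent("metadata.fill", live, { seoTitle: "New" }));
```

    The check belongs in the API layer that validates the agent's token, not in the agent's prompt or client, so the limit holds even when the agent misbehaves.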

    Why drafts-first

    1. Quality control

    A draft can be reviewed. A published post is visible to everyone — Google indexes it, visitors read it, and removing it creates 404 errors.

    2. Tone and brand

    AI-generated text can be accurate but have the wrong tone. That's caught during review, not after publication.

    3. SEO consequences

    Wrong slug, duplicate pages, missing hreflang tags — all can hurt your SEO. Better to catch it in draft.

    4. Accountability

    If something is published incorrectly, who owns the mistake? With an approval loop, there's always a human who made the decision.

    What our pipeline looks like

    Content plan → AI agent writes draft
                → Metadata + FAQ + SEO filled in
                → Translation created
                → Max reviews in CMS
                → Max approves → Publication
                → Vercel rebuilds the site
                → IndexNow + Google are pinged
    

    The agent does 80% of the work. The human does the last 20% — review and approval. It takes five minutes per post instead of an hour.

    Gradual trust

    The plan isn't to never give the agent publishing rights. The plan is to earn them step by step:

    1. Phase 1: Agent creates drafts, human publishes. ← We are here.
    2. Phase 2: Agent suggests publication, human confirms with one click.
    3. Phase 3: Agent publishes within defined boundaries (e.g., updates to existing posts).
    4. Phase 4: Agent publishes new content within approved templates.

    Each phase requires data showing that the previous phase worked without issues.

    The principle applies beyond CMS

    The same logic works for all integrations:

    • Email: Agent writes drafts, human sends.
    • CRM: Agent suggests updates, sales rep approves.
    • Social media: Agent creates posts, marketing lead publishes.

    Start with draft. Build trust. Expand gradually.

    If you're building an AI agent that connects to an external system — don't give it publishing power on day one. Give it the right to suggest, and let it earn the rest.
