# Safety & Guardrails (/docs/concepts/safety-guardrails) Every automated decision in Layers is gated by safety guardrails. These are **non-overrideable** unless explicitly stated. ## Optimizer guardrails [#optimizer-guardrails] Applied to every pause / budget / bid decision the optimizer proposes: 1. **Min age 3 days** — no action on an entity younger than 3 days. 2. **Min 100 impressions** — budget/bid changes require at least 100 impressions of data. 3. **Min $5 spend** (content-refresh disable step) — ads with under $5 spend are not disabled. 4. **Never disable `TOP_PERFORMER` or `HEALTHY`** ads. 5. **Never empty an adset/adgroup** — if pausing would leave zero active ads, the optimizer holds. 6. **Max 50% change and $100 absolute** per budget move. 7. **Action caps per cycle**: no more than 40 total actions or 20 pauses in a single optimizer cycle. 8. **Cooldowns** between repeat actions on the same entity: 48h structural, 48h budget, 24h bid. 9. **Min confidence 0.5** — proposals below this confidence score are rejected. ## Creative generation guardrails [#creative-generation-guardrails] Applied to generation workflows: 1. **Ad eligibility / safety review** — content whose upstream safety check fails (`safety.pass = false` or `metadata.adEligibility.eligible = false`) is marked `safetyFailed = true` and forced to `organic_score = 0`, permanently excluding it from ad selection. 2. **Approval policy** — projects with `metadata.approval_policy.requiresApproval = true` block scheduling of any content whose `approval_status` isn't `approved` or `not_required`. 3. **Credit gate** — generation commands check available org credits before queuing. If the org is out of credits the request fails with HTTP 402. ## Distribution guardrails [#distribution-guardrails] Applied to social posts: 1. **Posts-per-day cap** — Social Distribution limits posts per platform per day based on the selected provider (e.g. 2 for `ds`, 4 otherwise). 2. **Account health** — if a social account's OAuth token is invalid or the account has been flagged, distribution activities error out for that account. 3. **Approval gate** — if the project's approval policy requires human approval, scheduled posts wait until a human approves before publishing. ## Spending guardrails [#spending-guardrails] 1. **Generation credit cap** — enforced per request against the org's credit balance. Overages are billed automatically at the end of the billing period via Stripe. 2. **Agency wallet balance** — if insufficient, agency-mode ads are paused and you're notified. ## How to override [#how-to-override] * **Manual pauses / resumes** on ads, adsets, campaigns — done in the app or via API; the optimizer's cooldowns apply equally to manual changes within the project window. * **Creative overrides** — use `project_ads_content.override = 'include'` / `'exclude'` to force a creative in or out of ad selection. ## What to do when a guardrail fires [#what-to-do-when-a-guardrail-fires] Check the workflow run in the layer's **Runs** tab. Every proposal the optimizer rejects records a reason (e.g., "Entity too young (2d \< 3d minimum)", "Change exceeds 50% cap"). Fix the underlying condition (age up, spend up, manual approval) or wait for the next cycle.