Place an HTTP Request node immediately before expensive or sensitive nodes (OpenAI, HTTP Tool, SerpAPI, CRM, etc.). Route with an IF node on allowed.
POST /v1/check/demo — demo-only, no API key, no credits consumed, and does not protect real production tools.
task_hash → allowed: trueallowed: false (demo storm path)Demo vs production: The demo endpoint is for routing tests only. For real workspace tracking, credits, and logs, create a free key and use POST /v1/check (5,000 checks/month).
POST /v1/check: agent_id, task_hash, optional action (tool_call · model_call · retry · …), optional step_hash. See Docs. Fields like workflow_id or reason_code in examples below are illustrative n8n patterns unless marked otherwise.
Authorization: Bearer pg_ws_...Do not hard-code the key in shared workflow exports. Get free API key →
POST https://governor.proceedgate.dev/v1/check
Authorization: Bearer pg_ws_...
Content-Type: application/json
{
"agent_id": "n8n-lead-enrich",
"task_hash": "sha256-of-lead-id-or-stable-input",
"action": "tool_call"
}
Map the JSON body — production uses allowed and HTTP status (429 when blocked). On the ProceedGate HTTP Request node, enable Never Error (options.response.response.neverError: true in the repo export) so non-2xx responses like 402 or 429 with allowed: false reach the IF node instead of failing the workflow.
// IF node (example expressions; matches proceedgate-guard-sub-workflow.json)
{{ $json.allowed === true }} → continue to OpenAI / SerpAPI / CRM
{{ $json.allowed === false }} → stop branch, Slack alert, dead-letter
// Optional: treat zone === "gray" as manual review (Planned workflow guard fields)
Native n8n: Guard sub-workflow + Code node (e.g. “Evaluate Budget Limits”) + your DB/Redis + custom policy logic you maintain per workflow.
ProceedGate-powered: n8n keeps orchestration, approval UX, and workflow wiring; ProceedGate adds a shared guard decision/check layer. Same Guard sub-workflow shape, but replace the custom budget/repetition Code node with an HTTP Request to POST /v1/check. ProceedGate can replace that custom check with a managed allow/deny decision — then route primarily on allowed or HTTP 429. zone can be used for optional logging or review patterns where available, with shared decision logs across agents and workflows.
Illustrative workflow JSON (not production-tested). Download/import examples:
Import path A — native n8n: Import Guard Sub-workflow JSON → test mock Code budget logic.
Import path B — ProceedGate-powered: Import ProceedGate-powered Guard Sub-workflow JSON → replace REPLACE_WITH_PG_WORKSPACE_KEY → route on allowed/denied.
Then: Import Main AI Agent Flow and point Call n8n Workflow Tool to whichever guard workflow you want to test.
Reuse one guard across many main workflows by calling a sub-workflow before any costly tool batch:
Main workflow → Call n8n Workflow Tool → Shared Guard Sub-workflow → ProceedGate Check → allow / warn / block → optional Human Review → costly tool (SerpAPI, OpenAI, CRM, …)
On block, the main branch stops before the next paid node. On warn, route to human review before CRM/SAP or other sensitive writes.
Webhook → ProceedGate check → IF allowed → SerpAPI → Firecrawl → OpenAI → CRM. On block, skip paid nodes.
Walk through a labeled demo: Runaway workflow simulator.
/v1/check fields today; they are shown to explain the n8n workflow pattern we are exploring.
Not returned by /v1/check today — useful for future n8n node or policy packs:
reason_code: repeated_task, budget_threshold, too_many_tool_calls, sensitive_endpoint_guardworkflow_id, node_name for audit exportsMarkdown in repo: examples/n8n/proceedgate-pre-call-guard.md · examples/n8n/native-vs-proceedgate-guard-workflow.md · JSON: guard-sub-workflow.json · main-ai-agent-flow.json · proceedgate-guard-sub-workflow.json
POST /v1/check. Workflow downloads via /dl/n8n/* log asset id + hashed IP only. We do not store prompts, raw payloads, raw IPs, or API keys.