> ## Documentation Index
> Fetch the complete documentation index at: https://help.loopiq.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Use LoopIQ Assistant with Governed Actions

## What This Does

The LoopIQ assistant can answer questions and, where enabled, help perform governed actions using LoopIQ context. The assistant backend decides whether a request is a normal question, an AI agent request, or an MCP-powered action.

The frontend does not directly expose raw MCP tools. The backend applies policy checks before any tool or action is used.

## Before You Begin

Make sure:

* your organization has assistant or AI features enabled
* your role can use the assistant
* you are in the correct organization and team context
* you understand whether the request is read-only or may create/update records

## Use the Assistant

1. Open the right-side LoopIQ assistant.
2. Ask a question or request help with the page you are viewing.
3. If the assistant suggests an action, review the proposed action carefully.
4. Confirm only if the action is appropriate.
5. Review the result and any linked records or generated output.

## How LoopIQ Governs Assistant Actions

For each request, LoopIQ can check:

* authenticated user identity
* selected organization and tenant
* user permissions
* subscription access
* page context
* allowed tool set for that page
* approval requirements

Write actions may require explicit confirmation or approval before they are applied.

## Review and Approve Helix Actions

When Helix recommends a write action, such as creating remediation work, it may show an approval card before running the action.

The card can include:

* the tool Helix wants to run
* the reason for the action
* the approval ID
* the exact payload that will be sent
* request, trace, workflow, and idempotency details
* the records that may be created or updated

Select `Approve and run` only when the payload references the correct tenant, team, release, certification, and source records. Select `Reject` if Helix is using the wrong context or the proposed change is not safe.

After approval, Helix sends the approved payload back to the backend for execution. The backend runs the approved action directly instead of asking the model to recreate the action.

## Create Remediation Work from Release Blockers

For release certification blockers, Helix can prepare a remediation work package. This creates one parent remediation story and child tasks linked to that story.

Use this flow when you want Helix to turn grounded release findings into trackable LoopIQ work.

Before approving, confirm that the plan includes:

* the correct release and certification
* the affected team or owner
* the provider findings or controls that caused the blocker
* clear child task titles
* evidence or finding references when available

Helix should not create unrelated backlog items. If the plan is not grounded in the records you expect, reject it and ask Helix to explain which release evidence, failed controls, provider blockers, and evidence gaps it read.

## Use Helix on Mobile

The LoopIQ Helix mobile app supports the same governed action pattern. You can review pending MCP actions, inspect the payload, approve or reject the action, and reopen the conversation after execution.

## Good Use Cases

Use the assistant to:

* summarize a release or work item
* find related evidence
* explain missing certification context
* locate security findings
* draft a follow-up comment
* prepare a remediation plan
* answer questions about visible LoopIQ records

## Avoid These Patterns

Do not ask the assistant to bypass permissions, mix data across organizations, use stale tokens, or make production-impacting changes without review.

## Related Articles

* [Use LoopIQ MCP Tools](/ai-and-agents/use-loopiq-mcp-tools)
* [Use AI Action Buttons](/ai-and-agents/use-ai-action-buttons)
* [Review and Approve Helix Actions](/ai-and-agents/review-and-approve-helix-actions)
* [Manage Roles, Permissions, and Access](/administration/manage-roles-permissions-and-access)
