# Automation

## Scope

Current automation capabilities:
- Webhook ingestion endpoint (`POST /automation/webhook`).
- On-demand scheduled-job execution endpoint (`POST /automation/jobs/run`).
- Dependency hygiene scan job scaffold (`dependency_hygiene_scan`).
- Stale issue detection job (`stale_issue_detection`).
- Auto issue creation job scaffold (`auto_issue_creation`, write-mode and policy required).

Planned extensions:
- Background scheduler orchestration.

## Control Requirements

All automation must be:
- Policy-controlled.
- Independently disableable.
- Fully audited.
- Explicitly documented with runbook guidance.

## Enablement

- `AUTOMATION_ENABLED=true` to allow automation endpoints.
- `AUTOMATION_SCHEDULER_ENABLED=true` reserved for future built-in scheduler loop.
- Policy rules must allow automation pseudo-tools (`automation_*`) per repository.