Fast Paths and Slow Paths: The Art of Runtime Control for Autonomous AI

When Governance Meets Autonomy: A Fundamental Contradiction

O'Reilly recently published a feature article, "Dispatches from O'Reilly: Fast Paths and Slow Paths," diving deep into an increasingly critical question at the heart of autonomous AI systems — how do you achieve effective governance while preserving AI autonomy? The article presents what appears to be a paradox: attempting to control every decision an AI system makes is precisely what destroys autonomy itself.

As AI Agents, autonomous coding assistants, and automated decision-making systems are deployed at enterprise scale, the industry is reaching a critical inflection point. Traditional "item-by-item approval" governance models are no longer up to the task, yet fully unsupervised autonomous operation carries unacceptable risks. O'Reilly's analysis offers a highly instructive architectural framework for navigating this dilemma.

Core Concept: Fast Paths and Slow Paths

The article's central framework borrows the classic "Fast Path / Slow Path" design pattern from systems architecture and applies it to runtime control of AI systems.

Fast Path: Trust-Driven Autonomous Execution

The fast path refers to decision channels where AI systems can operate autonomously without human intervention. These decisions typically share the following characteristics:

• Controllable risk: Consequences fall within acceptable bounds, and even errors won't cause irreversible damage
• Mature patterns: Common scenarios the system has been thoroughly trained and validated on
• Clear context: Complete input information with no significant ambiguity
• Reversibility: Results can be undone or corrected

On the fast path, AI systems operate autonomously at near-real-time speeds, with governance mechanisms taking the form of "post-hoc audits" rather than "prior approvals." This preserves system throughput and response speed — and is where autonomy truly delivers its value.

Slow Path: Deliberate Human-AI Collaboration

The slow path encompasses decision channels requiring additional review, human intervention, or multi-layer verification. Conditions that trigger the slow path include:

• High-risk operations: Decisions involving sensitive areas such as finances, security, or privacy
• Edge cases: Ambiguous scenarios where system confidence falls below a threshold
• First encounters: Novel decision types lacking historical data
• Compliance requirements: Scenarios where regulations explicitly mandate human review

The slow path doesn't mean inefficiency — it's a form of "precision braking" — applying the brakes only when truly needed, rather than keeping the entire system idling at all times.

Why "Total Control" Doesn't Work

The article devotes considerable space to arguing a core thesis: imposing blanket governance on autonomous AI systems is not only technically infeasible but logically self-contradictory.

The Curse of Scale

When an AI Agent needs to make hundreds of micro-decisions per second — for example, an autonomous coding assistant choosing variable names, function structures, and API calls while generating code — requiring every decision to pass through a governance process effectively eliminates autonomy. The system degenerates into a semi-automated tool requiring continuous human input, defeating the entire purpose of deploying an AI Agent.

The Scarcity of Attention

Even if comprehensive review were technically possible, human reviewers' attention is a finite resource. When all decisions are flagged as "requiring review," genuinely high-risk decisions get buried under a flood of low-risk notifications. This is what the security field calls "Alert Fatigue" — when everything is an alert, alerts lose all meaning.

The Cost of Latency

In real-time application scenarios, every instance of human intervention introduces latency. For time-sensitive applications like autonomous driving, real-time trading, and emergency response, the delays caused by total control may themselves constitute a risk.

Practical Architecture for Runtime Control

The article further explores how Runtime Control actually operates in large-scale production environments. This is not a theoretical framework but an engineering methodology already being practiced by leading tech companies.

Tiered Decision Routing

At the core of runtime control is a "Decision Router" that, at the moment an AI system generates a decision, assigns it to either the fast path or slow path based on preset rules and real-time assessment. The router itself must be sufficiently lightweight to avoid becoming a performance bottleneck.

Typical routing strategies include:

• Rule-based static routing: Certain decision types always take the slow path (e.g., operations involving PII data)
• Confidence-based dynamic routing: Automatically switching to the slow path when model output confidence falls below a threshold
• Context-based adaptive routing: Dynamically adjusting routing strategies based on current system state, historical performance, and external conditions

Guardrails, Not Fences

The article offers an elegant metaphor: effective AI governance should be like highway guardrails, not fences. Guardrails allow vehicles to travel freely within their lanes, only coming into play when a vehicle veers toward a dangerous edge. Fences trap vehicles in place, going nowhere.

This means the design goal of runtime control is not to "prevent AI from doing things" but to "ensure AI does things autonomously within safe boundaries." Specific implementations include:

• Output filters: Lightweight checks at the AI decision output layer to intercept clearly non-compliant outputs
• Behavioral boundaries: Defining the operational scope of AI systems, with out-of-scope actions automatically triggering the slow path
• Progressive trust: Newly deployed AI systems start with a narrower fast path, gradually expanding their autonomous scope as performance is validated

Observability: The Infrastructure of Governance

The article particularly emphasizes that a robust fast path depends on strong Observability. Even when decisions are executed autonomously on the fast path, the system must comprehensively log decision context, inputs and outputs, model states, and other information to support post-hoc audits and continuous improvement.

A fast path without observability isn't "trust" — it's "blindness."

Industry Practices and Trend Signals

This framework didn't emerge in a vacuum. Multiple converging trends are visible across the industry:

Anthropic's Constitutional AI and layered safety mechanisms already practice a similar philosophy — using predefined value principles to let models operate autonomously in most scenarios, triggering stricter review only in edge cases.

OpenAI's GPT product line is also gradually introducing more granular usage policy controls, allowing enterprise customers to adjust governance levels according to their own risk appetites.

Agent frameworks like LangChain and CrewAI are upgrading "Human-in-the-Loop" from a binary option to a multi-level configurable control strategy — essentially implementing fast path/slow path separation at the engineering level.

The EU AI Act's risk-tiering approach is also highly aligned with this framework — different risk levels of AI applications are subject to different intensities of regulatory requirements, rather than a one-size-fits-all approach.

Deeper Insight: From Control to Orchestration

The article's most profound insight is its suggestion of a fundamental shift in the AI governance paradigm: from "control" to "orchestration."

The core of traditional software governance is control — explicitly specifying what a system can and cannot do, with deterministic rules at every step. But the essential characteristic of autonomous AI systems is non-determinism; their value comes precisely from their ability to handle situations that preset rules cannot cover.

Therefore, the role of governance needs to shift from "commander" to "orchestrator" — setting boundaries, allocating resources, and monitoring status, while leaving specific execution decisions to the system itself. The fast path and slow path design is the engineering expression of this orchestration mindset.

The implication for enterprise CTOs and AI architects is clear: don't try to build a perfect rule system that anticipates every situation. Instead, build an adaptive control system that can operate safely amid uncertainty.

Looking Ahead: Toward Mature AI Runtime Governance

The introduction of the fast path/slow path framework marks the industry's thinking on AI governance maturing from "whether governance is needed" to "how to govern efficiently."

Several directions are expected to become focal points going forward:

• Self-evolving intelligent routing: Decision routers themselves may be AI-driven, continuously optimizing fast/slow path allocation strategies based on historical data
• Industry standardization: Different industries will develop their own fast path/slow path best practices, with tiering standards varying significantly across finance, healthcare, manufacturing, and other sectors
• Toolchain maturity: Monitoring, auditing, and debugging tools built around runtime control will continue to evolve