夜间自治稳定性：停止条件 + 检查点 + 权限边界

• Gateway is always-on with heartbeat/cron available.
• Destructive actions can be routed to human approval.

1. Use deterministic triggers (cron/heartbeat), not ad-hoc long chats.
2. Set done/abort criteria and max-iteration caps per task type.
3. Write pre-flight checkpoints before risky multi-step operations.
4. Require manual approval for delete/deploy/security-impacting actions.

• This is architectural guidance from community discussion (需验证).
• Overly strict limits may reduce throughput; tune gradually.

This tip is aggregated from community/public sources and preserved with attribution.