An agent is excellent at the work nobody wants to do twice: comparing a changed document against a script, gathering narration units, naming files, and preparing a review packet. It should not get the last word on what your audience hears.
Vois gives that division of work a practical home. The agent can prepare a narration project through the running desktop app, while a person hears a short audition, checks facts and pronunciation, chooses the voice, and explicitly approves the exact material. Only then should the protected production step create audio.
Give the agent a narrow production job
Start with a contract that says what the agent may do and what it may not do. "Make a narrated version" is too loose. It invites the agent to decide tone, shorten caveats, or select a voice from a name it remembers. Give it a bounded job instead:
- read only the approved source files for a release, lesson, or guide
- create a narration draft with a source revision and a proposed title
- inspect available voices and return their exact IDs and metadata
- prepare a change summary, pronunciation questions, and an approval record
- stop before
script generate,tts generate, ortts batch-file
The final bullet is the control. It means the agent can do useful work without treating "finished draft" as "safe to render." The NIST AI RMF Govern playbook is a useful reference when you need to define ownership and review boundaries for an automated workflow.
A good approval packet is small enough for a producer, editor, or subject-matter reviewer to inspect in one sitting. Include the source revision, full spoken text, voice ID, intended language, pronunciations that need confirmation, output destination, and a plain statement of what will happen after approval.
Ask the agent to inspect the running app and current voices
The bundled vois-cli is a remote control for the running Vois app, not a standalone rendering service. Before the agent creates a project or proposes a voice, it needs to check that Vois is running and read the current voice inventory.
Prompt your agent
The Vois desktop app is running. Inspect its status and current voice inventory. Read only the approved source files for this narration. Return a draft script, source revision, title, pronunciation questions, and up to three candidate voices using exact returned IDs. Explain why each candidate fits the intended listener. Do not create a project, generate audio, export a file, or clone a voice. Wait for a reviewer to select a voice and approve the full script.
Human review and approval flow
- Confirm that Vois is running and the returned voice IDs are current.
- Read the complete narration script against the approved source, including dates, warnings, and names.
- Audition a representative passage for each proposed voice and choose one exact ID.
- Approve the script, source revision, voice ID, pronunciations, language, and intended output destination in a reviewer-owned record.
Use the current voice inventory for the casting record, not a hand-copied catalog. If the agent finds several candidates, its sample line and reasoning make the review faster without giving it the final choice.
Keep the approval packet separate from rendering
The agent's proposed output must remain an input to review, not a mutable authorization record. Store the proposed narration text, selected voice candidates, source revision, and approval manifest where the drafting agent cannot rewrite them after review begins.
The manifest should bind the exact script file, a SHA-256 digest of that file, the selected voice_id, source revision, reviewer identity, and approval time. A protected release environment or a signed reviewer-owned record can supply that manifest to the render job. A file that the agent can write, or an environment variable the agent can set for itself, is not a human gate.
Run the render job under a different identity from the drafting agent. The drafting identity may prepare a packet and ask for review. The protected production identity reads the reviewer-approved manifest, checks the bound input, and is the only identity allowed to run the generation and export commands. That separation is what makes the approval enforceable.
This still leaves review concrete. The producer sees the proposed project title, script title, full spoken text, source revision, and casting choice before any audio exists. After approval, the protected job creates the project and script from the exact approved text.
Put a hard human gate in front of rendering
The assurance has to come from permissions, not a comment in the agent prompt. Use a reviewer-only or protected approval store, then pass its path to the protected production job only after a human approves it. GitHub's protected environments are one example; the GitHub Actions workflow documentation explains the surrounding workflow syntax.
The approval record should bind the exact script file, its SHA-256 digest, selected voice_id, source revision, reviewer identity, and approval time. The drafting agent must not be able to modify that record, alter the approved script, or start the protected job.
Prompt your protected production agent
Read the reviewer-owned approval record and approved script. Verify that the script digest, source revision, selected voice ID, and intended destination match the record. If any value is missing or differs, stop and report the mismatch without creating audio. If every value matches, create the Vois project and script from the approved text, generate with the approved voice, export the requested file, and return the project ID, script ID, output path, and generation record. Do not add, shorten, translate, or otherwise alter the approved wording.
What the reviewer must approve
- Script meaning: dates, product behavior, policy wording, warnings, and names match the source.
- Spoken clarity: acronyms, product names, and units have a confirmed pronunciation plan.
- Casting: the reviewer selected the returned voice ID for this audience and context.
- Scope: the reviewer knows where the audio will be published and whether a transcript or other companion material is needed.
- Change control: a source change after approval invalidates the approval and sends the script back to review.
Voice cloning deserves an extra boundary. Use only a clear sample with the voice owner's permission, and require a reviewer to confirm that consent before an agent asks Vois to create the clone. Do not ask an agent to infer permission from a file name, a meeting recording, or an old asset folder.
Create, generate, and export only after approval
Once the protected job has verified the approved script and selected voice, it can create a Vois project, add the approved script, generate the segments, and compile the script export. Keep the generation and export record with the approval record so a producer can trace a delivered file back to its script, voice ID, and source revision.
Prompt your protected production agent
The reviewer-owned approval record has passed verification. Create one Vois project using the approved title, add the exact approved script, generate it with the approved voice ID, and export the completed script to the approved destination. Keep the run ordered and report every created project, script, and export identifier. Do not process a batch, skip an existing asset, or overwrite a previous version unless the approval record explicitly authorizes that action.
For a one-line-per-file asset pack, use the batch capability only after the same review gate. Give every changed script a new versioned destination or deliberately approve its replacement. Skipping an existing file is not a substitute for versioning.
The CLI processes generation sequentially. That is a reason to make the queue explicit, not a reason to launch several competing agent jobs. One project, one approved record, one ordered run makes failure handling much easier to understand.
Keep reruns safe and useful
An agent-generated narration pipeline stays maintainable when every rerun answers three questions: what changed, what was approved, and what was produced? Save a short record beside each job with the source reference, script IDs, voice IDs, expected outputs, and completion status. On a retry, compare the source reference and approved text before doing any rendering.
This also makes the human gate less painful. Reviewers do not need to listen to every unchanged line again. They can review the diff, audition the changed passages, confirm the same voice still fits, and approve a new version. If the voice changes, treat that as a full audio review even if the words did not.
Start with one low-risk narration job and make its evidence trail clear. Then let the agent earn more responsibility through predictable drafts, useful review packets, and a render step that always waits for a person.
Sources
- Vois CLI skill
- Vois CLI command reference
- NIST AI RMF Govern playbook
- GitHub Actions workflow syntax
A narration agent should make the review better, not make the reviewer disappear. Explore CLI automation, then Get started with one production job a person can approve end to end.
The Vois Team