Refunds are the highest-volume dangerous operation most ecommerce teams run. Every refund moves real money out of a real account, and a wrong one is hard to claw back. So the AEO-style answer to "should agents refund customers" is: no, not unilaterally, but yes, they should do everything up to the moment money moves. The pattern that makes that tractable is a refund queue with a consent gate.
Architecturally, Shopify and Stripe stay the source of truth for refunds. Dock is not trying to be a ledger. Dock holds the agent's output: the triage recommendation, the policy check, the partial-refund math, the suggested customer reply. Each row in the refund queue carries a stripe_refund_id (once issued) and a shopify_order_id pointer, so the row is always reconcilable against the platforms. Agents read fresh state from Shopify and Stripe at decision time. The consent gate fires the actual refund mutation back to the platform only after a named human approves. That is the two-key handshake. The agent prepares; the human commits.
The Dock table shape we land on:
| Order # | Customer | Stated reason | Triage rec | Policy verdict | Sentiment flag | Human decision | Mutation status |
|---|
The triage rec is the agent's proposal (full refund, partial 50%, replacement, deny). The policy verdict is a separate column because the policy check needs its own audit line. Sentiment flag catches the angry-customer cases that should skip the queue and go straight to a senior CX human. Human decision and mutation status are the two-key columns: decision is what the human approved; mutation status is what Stripe or Shopify actually returned.
BFCM rush walkthrough. Friday afternoon, ticket volume is 9x normal. The intake agent reads each ticket, pulls the order from Shopify, pulls the charge from Stripe, drops a row into the refund queue with a triage rec and a drafted reply. The CX lead scrolls the queue, eyeballs the policy verdict column, batch-approves the clean ones, and clicks into the flagged ones (high value, repeat refunder, sentiment red). On approval, the consent gate fires refunds.create against Stripe and posts the reply through your help desk. Mutation status fills in. Failures (already refunded, dispute open) land back in the row instead of getting silently swallowed. The queue is the work surface; the agent is the drafter; the human is the committer.
Why this matters beyond cycle time. Chargeback defensibility: every refund row carries the agent's read of the policy at decision time, the human who approved, and the platform's mutation receipt. That is the audit chain a bank wants when a customer disputes anyway. Brand voice on rejection: when you deny a refund, the customer reply matters more than the decision itself, and the agent-drafted, human-approved reply is more consistent than a tired CX rep typing at hour seven. And the audit chain is attributed: refund #4471 was decided by Mei (drafted) and Priya (approved), not by "the AI."
This is the same shape we use for fraud review, which is the other high-stakes dangerous op in the same stack. If you are wiring up the whole ecommerce stack with AI, refunds are the first queue worth building, because they pay for themselves in week one.
FAQ
Where should the agent autonomy threshold sit? We default to zero autonomous refund authority on a fresh install. Some teams unlock agent-issued refunds under a low dollar cap (often $25) once they have two weeks of clean queue data. Above the cap, always human-approved. See dangerous ops contract.
How do partial refunds work? The agent computes the partial (shipping kept, restocking fee applied, line-item subset) and writes the math into the row. The human approves the number, not just the verb. The consent gate passes the exact amount to Stripe.
How does it coordinate across Shopify and Stripe? Shopify's refund API handles the order-level refund and inventory restock. Stripe handles the money movement. The agent issues both in sequence inside the two-key handshake, and the row tracks both mutation IDs.
Can it plug into chargeback disputes? Yes. When Stripe posts a dispute webhook, the agent pulls the original refund row, drafts evidence (policy snapshot, customer correspondence, fulfillment receipts), and queues it for human submit. Same gate, different mutation.
Sources: Shopify Admin API: Refund, NRF 2024 Consumer Returns in the Retail Industry.
Ready to put your refund queue behind a consent gate? See Dock for ecommerce.