Need a good way to tell that a codeflow PR is safe to approve and merge

[marcpopMSFT]

We get a lot of codeflow PRs that are just changes to version.* files and eng\common. We implicitly approve and merge but we're moving more towards flows where an agent will give us a list of PRs that are ready to merge. We need a good mechanism for knowing that.

One thought we were discussing is tracing back all the changes flowing in a codeflow PR to their original change in the original repo and if they all had human approvers, then it's safe to take.

Thoughts on having some tooling whether a .net tool or darc command that will trace back to the origin for all changes and we can reliably know that the change is safe to approve and merge.