In the current implementation workflow (including the protection of changing cell values and executing procedures) is implemented in designed web reports. Users using views, the Excel add-in or other methods to access database cells can bypass the workflow protection.
Implement protection of database cells based on the workflow on the database level to mitigate such bypassing.
Workaround could be an "opt-in" feature: the default right on the whole database is set to R (e.g. in the #_CONFIGURATION Cube), from the workflow status cube you could derive the appropriate rights and project it via business rules in the corresponding #_GROUP_DIMENSION_DATA_.. or even #_GROUP_CELL_DATA_.. cubes.