C07 Layer 2 - Runtime Enforcement

Resource Governance and Economic Safety

Per-agent budgets and rate limits for tokens, money, tool invocations, and time. Budget exhaustion denies tool calls - it does not just log.

Why

Agents can recursively generate work. This creates:

  • cost overruns
  • API DoS against internal services
  • runaway delegation storms

What

Enforced budgets and quotas, including token budgets, call budgets, concurrency limits, and spend velocity controls, per:

  • agent instance
  • workflow/run
  • tool
  • tenant

How

  • enforce “agent wallets” (budget must be available to proceed)
  • per-tool quotas and concurrency pools
  • adaptive throttling under system load
  • loop detection: max depth, max retries, repetition window signatures

Evidence

  • budget consumption ledger (budget decrements are events)
  • throttle/deny events due to quotas
  • cost anomaly alerts with correlation to run IDs
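
The following is an added example, not GATE's own code and not code from this page: a single-process tool gateway that implements the How items above (agent wallets debited before a call proceeds, per-tool quotas and concurrency pools, loop detection by delegation depth and by repetition signature) and emits the Evidence items (a ledger in which every debit and every deny is an event carrying the agent, run and tool). Class names, the thresholds and the budgets used below are assumptions for illustration.

```python
"""Added example, not GATE's own code: a tool gateway that enforces agent
wallets, per-tool quotas and concurrency pools, and loop detection, and records
every decrement and deny as a ledger event. Threshold values are assumed."""
from __future__ import annotations

import hashlib, json, time
from collections import deque
from dataclasses import dataclass, field


@dataclass
class Wallet:
    """Per-agent budget. Each field is a hard cap; exhaustion denies the call."""
    tokens: int
    spend_cents: int
    calls: int
    deadline: float                  # clock value after which nothing is granted


@dataclass
class ToolQuota:
    """Per-tool protection: sliding-window call quota plus a concurrency pool."""
    max_calls_per_window: int
    window_seconds: float
    max_concurrent: int
    recent: deque = field(default_factory=deque)   # timestamps of granted calls
    in_flight: int = 0


@dataclass
class Decision:
    allowed: bool
    reason: str


class ToolGateway:
    MAX_DEPTH = 8        # delegation depth cap (assumed value)
    REPEAT_LIMIT = 3     # identical calls tolerated inside the repetition window (assumed)
    REPEAT_WINDOW = 10   # repetition window, in granted calls per agent (assumed)

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.wallets: dict[str, Wallet] = {}
        self.quotas: dict[str, ToolQuota] = {}
        self.ledger: list[dict] = []         # budget decrements and denies are events
        self._sigs: dict[str, deque] = {}    # per-agent signatures of recent granted calls

    def _event(self, kind: str, **fields) -> None:
        self.ledger.append({"ts": self.clock(), "event": kind, **fields})

    def _deny(self, reason: str, **ctx) -> Decision:
        self._event("deny", reason=reason, **ctx)
        return Decision(False, reason)

    @staticmethod
    def _signature(tool: str, args: dict) -> str:
        # canonical hash of (tool, args): the same signature repeating is a loop
        canon = json.dumps({"tool": tool, "args": args}, sort_keys=True)
        return hashlib.sha256(canon.encode()).hexdigest()[:16]

    def authorize(self, agent_id: str, run_id: str, tool: str, args: dict,
                  depth: int, est_tokens: int, est_cents: int) -> Decision:
        """Admit or deny one tool call. Budget is debited before the call proceeds."""
        now = self.clock()
        ctx = dict(agent=agent_id, run=run_id, tool=tool)
        wallet, quota = self.wallets.get(agent_id), self.quotas.get(tool)
        if wallet is None or quota is None:
            return self._deny("unregistered", **ctx)        # default deny
        if now > wallet.deadline:
            return self._deny("time_budget", **ctx)
        if depth > self.MAX_DEPTH:
            return self._deny("max_depth", depth=depth, **ctx)
        sig = self._signature(tool, args)
        sigs = self._sigs.setdefault(agent_id, deque(maxlen=self.REPEAT_WINDOW))
        if sigs.count(sig) >= self.REPEAT_LIMIT:
            return self._deny("repetition", signature=sig, **ctx)
        if wallet.tokens < est_tokens:
            return self._deny("token_budget", **ctx)
        if wallet.spend_cents < est_cents:
            return self._deny("spend_budget", **ctx)
        if wallet.calls < 1:
            return self._deny("call_budget", **ctx)
        while quota.recent and now - quota.recent[0] > quota.window_seconds:
            quota.recent.popleft()                           # expire old window entries
        if len(quota.recent) >= quota.max_calls_per_window:
            return self._deny("tool_quota", **ctx)
        if quota.in_flight >= quota.max_concurrent:
            return self._deny("tool_concurrency", **ctx)
        wallet.tokens -= est_tokens                          # debit, then admit
        wallet.spend_cents -= est_cents
        wallet.calls -= 1
        quota.recent.append(now)
        quota.in_flight += 1
        sigs.append(sig)
        self._event("debit", tokens=est_tokens, cents=est_cents,
                    tokens_left=wallet.tokens, cents_left=wallet.spend_cents, **ctx)
        return Decision(True, "ok")

    def release(self, tool: str) -> None:
        """Return the concurrency slot when the tool call finishes."""
        self.quotas[tool].in_flight -= 1
```

Two design points carry the control's intent. The wallet is debited before the call is admitted, so a denied call is a hard stop rather than a log line, and an unregistered agent or tool is denied rather than allowed through. `release` must run on every exit path (a `finally` block around the real tool invocation) or the concurrency pool will leak slots and the tool will eventually be denied to everyone.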

Failure modes

  • budgets monitored but not enforced
  • no per-tool throttles (one tool can take down the estate)
  • retries without caps

  • no backpressure between orchestrator and agents

Architect's Note - Micro vs. Macro enforcement boundaries

GATE separates request-level enforcement from system-level flow control. The Tool Gateway enforces micro-level protections on individual tool calls: per-tool rate limits, per-identity quotas, per-request budgets, and spend/velocity caps. The Orchestrator enforces macro-level system health: queue depth limits, concurrency ceilings, global backpressure, workflow scheduling, retries/backoff, and circuit-breaking at the workflow level. In practice: the Gateway protects tools from abusive request patterns; the Orchestrator protects the system from runaway workflows and cascading failure.
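
As an added example, not GATE's own code, the orchestrator side of the split described in the Architect's Note: a bounded queue that rejects work instead of growing without limit (backpressure), a concurrency ceiling on dispatch, capped retries with exponential backoff, and a per-workflow circuit breaker that trips after repeated failures and rejects new work for that workflow until a cooldown passes. The class names, the limits and the cooldown are assumed values; the clock is injected so the behaviour can be checked offline.

```python
"""Added example, not GATE's own code: orchestrator-side macro controls from
the Architect's Note: a bounded queue, a concurrency ceiling, capped retries with
exponential backoff, and a per-workflow circuit breaker. Limits are assumed."""
from __future__ import annotations

import time
from collections import deque
from dataclasses import dataclass


@dataclass
class Task:
    workflow: str
    payload: str
    attempts: int = 0
    not_before: float = 0.0          # earliest clock value at which it may run


@dataclass
class Breaker:
    failures: int = 0
    opened_at: float | None = None   # clock value when the circuit tripped


class Orchestrator:
    MAX_QUEUE_DEPTH = 100    # backpressure: reject submissions beyond this (assumed)
    MAX_CONCURRENT = 4       # concurrency ceiling across all workflows (assumed)
    MAX_RETRIES = 3          # retries per task before it is abandoned (assumed)
    BASE_BACKOFF = 0.5       # seconds; doubles per attempt up to MAX_BACKOFF (assumed)
    MAX_BACKOFF = 8.0
    BREAKER_THRESHOLD = 5    # failures that trip a workflow's breaker (assumed)
    BREAKER_COOLDOWN = 30.0  # seconds the breaker stays open (assumed)

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.queue: deque[Task] = deque()
        self.running = 0
        self.breakers: dict[str, Breaker] = {}
        self.events: list[dict] = []

    def _event(self, kind: str, **fields) -> None:
        self.events.append({"ts": self.clock(), "event": kind, **fields})

    def backoff(self, attempt: int) -> float:
        """Exponential backoff with a ceiling, so retries cannot amplify a storm."""
        return min(self.MAX_BACKOFF, self.BASE_BACKOFF * 2 ** attempt)

    def submit(self, task: Task) -> bool:
        """Admit work only if the workflow's breaker is closed and the queue has room."""
        br = self.breakers.setdefault(task.workflow, Breaker())
        if br.opened_at is not None:
            if self.clock() - br.opened_at < self.BREAKER_COOLDOWN:
                self._event("reject", reason="circuit_open", workflow=task.workflow)
                return False
            br.opened_at, br.failures = None, 0     # cooldown over: close the breaker
        if len(self.queue) >= self.MAX_QUEUE_DEPTH:
            self._event("reject", reason="queue_full", workflow=task.workflow)
            return False
        self.queue.append(task)
        return True

    def dispatch(self) -> list[Task]:
        """Hand out ready tasks up to the concurrency ceiling; keep the rest queued."""
        now, batch, deferred = self.clock(), [], []
        while self.queue and self.running + len(batch) < self.MAX_CONCURRENT:
            task = self.queue.popleft()
            (batch if task.not_before <= now else deferred).append(task)
        self.queue.extendleft(reversed(deferred))   # keep deferred tasks in order
        self.running += len(batch)
        return batch

    def complete(self, task: Task, ok: bool) -> str:
        """Record a result; returns 'done', 'retry' or 'abandoned'."""
        self.running -= 1
        br = self.breakers.setdefault(task.workflow, Breaker())
        if ok:
            br.failures = 0
            self._event("done", workflow=task.workflow)
            return "done"
        task.attempts += 1
        br.failures += 1
        if br.failures >= self.BREAKER_THRESHOLD and br.opened_at is None:
            br.opened_at = self.clock()
            self._event("circuit_open", workflow=task.workflow)
        if br.opened_at is not None:                # no retries while the circuit is open
            self._event("abandon", reason="circuit_open", workflow=task.workflow)
            return "abandoned"
        if task.attempts > self.MAX_RETRIES:
            self._event("abandon", reason="max_retries", workflow=task.workflow)
            return "abandoned"
        task.not_before = self.clock() + self.backoff(task.attempts)
        self.queue.append(task)
        self._event("retry", workflow=task.workflow, attempt=task.attempts)
        return "retry"
```

Note that the orchestrator never consults token or spend budgets; those stay in the gateway. Its job is to refuse work when the queue is full, to cap how many tasks run at once, to bound retries and space them out, and to stop feeding a workflow that keeps failing, which is the macro half of the separation the note describes. A production breaker would admit a single probe task after the cooldown (half-open) rather than closing outright as this example does.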

NIST AI RMF alignment

C07 maps to MANAGE and MEASURE. See the framework paper for the specific subcontrol mappings.

ISO/IEC alignment

C07 maps to ISO/IEC 27001. Typical evidence: see the Evidence section above.
