An open-source toolkit for controlling out-of-control AI agents

The rapid uptake of agentic AI has exposed a range of issues with our non-deterministic helpers. That’s mainly because AI agents are not people and don’t behave like people, even though they generally use the same APIs as humans. For one thing, they make many more queries than a human would, as they build the necessary context to deliver a response.

Anecdotal data from companies that have worked with agents or who have users who access services through agents indicate that this can mean massive increases in API usage, which have affected availability. This increase is the result of automated requests flooding in and blocking calls and responses from APIs that worked perfectly well a year or so ago but now are struggling to cope with the load.

A fundamental redesign of our APIs is necessary, but budgets, resourcing, and capacity make this hard to deliver overnight. What’s needed, then, is a way to manage agent interactions with APIs, treating agents as a new class of user, providing and enforcing the policies that are needed to manage agent life cycles. The use of Model Context Protocol (MCP) as a standard wrapper for agent access to APIs helps here, as it gives us a common environment where we can implement the governance layer needed to keep agents under control.