How do I stop an AI agent from overspending on API calls?

Route the agent's calls through a runtime cost cap. With Tenet, you wrap tool calls in tenet.execute() and set a USD budget over a rolling window (1 hour to 7 days). When the cap is hit, further calls return a clean 429 and the agent pauses until the window rolls over, so a runaway loop can't produce a surprise five-figure invoice.

How do I require human approval before an AI agent does something irreversible?

Use approval gates: calls classified as irreversible (like github.repos.delete or stripe.refunds.create) automatically pause as pending reviews instead of executing. The reviewer gets an email, and the held call only executes after explicit approval. With Tenet this is on by default for every account; routine tools can be granted standing auto-approvals.

How do you audit AI agent actions?

Record every attempted tool call with its policy outcome in a hash-chained log: each entry includes a fingerprint of the previous entry, so editing or deleting history breaks the chain detectably. Tenet writes every decision (allowed, escalated, or blocked) to such a tamper-evident audit log, verifiable on demand, which maps to the operational logging expectations of frameworks like the EU AI Act Article 12.

How do I keep API keys out of my AI agent's code?

Use credential mediation: the agent holds a single Tenet API key and nothing else. When a call is allowed, Tenet injects the real GitHub, Stripe, or Anthropic credential server-side at execution time. If a model output is exfiltrated via prompt injection, no third-party secrets go with it.

Does Tenet work with LangGraph and LangChain?

Yes. Tenet is framework-agnostic: drop tenet.execute() inside any LangGraph tool node, wrap raw OpenAI or Anthropic SDK calls, or call the HTTP API from n8n or custom Python. Install with pip install tenet-python; the free tier includes every safety control with 500 decisions per month.

The Shared Responsibility Model for AI Agents

When AWS launched in 2006, the biggest question enterprises had wasn't about compute power or storage. It was about responsibility. If my data is in your cloud, who's responsible when something goes wrong?

The answer became one of the most important frameworks in modern technology: the shared responsibility model. AWS is responsible for security of the cloud. You're responsible for security in the cloud. Clear boundaries, clear accountability.

AI agents need the same framework. And we don't have one yet.

The Agent Responsibility Gap

Today, when an AI agent makes a mistake in production (sends the wrong email, deletes the wrong record, approves a transaction it shouldn't have), there's no clear accountability model. Was it the agent's fault? The developer who built it? The model provider? The user who gave the agent too much access?

This ambiguity is the single biggest barrier to enterprise agent adoption. Not capability; agents are already capable enough for most business workflows. The barrier is that nobody can answer the question: who is responsible when this goes wrong?

A Framework for Agent Responsibility

Drawing from the cloud shared responsibility model, here's a framework for AI agents with three layers of accountability:

Platform Provider (Tenet's Responsibility)

The governance platform is responsible for:

Policy enforcement reliability: when a policy says "deny," the action must be denied, every time
Audit trail integrity: decision logs must be tamper-proof and complete
Escalation delivery: when a human needs to review, the review request must reach them
System availability: the governance layer can't be a single point of failure

This is analogous to AWS being responsible for the hypervisor, physical security, and network infrastructure. The platform guarantees that governance works.

Organization (Your Responsibility)

The organization deploying agents is responsible for:

Policy design: defining what agents can and can't do, and under what conditions
Access scoping: giving agents the minimum set of tools they need, not every tool available
Reviewer assignment: making sure the right humans are reviewing the right escalations
Policy maintenance: updating governance rules as agent capabilities and business needs change

This is analogous to you being responsible for IAM policies, security groups, and encryption in the cloud. You decide what the rules are.

Agent Developer (Builder Responsibility)

The developer or team building the agent is responsible for:

Authorization integration: actually calling the governance layer before executing tool calls
Graceful handling: when an action is denied or escalated, the agent should handle it without breaking
Context provision: sending enough context with each authorization request for meaningful policy evaluation
Testing: verifying that governance policies work as expected before deploying agents to production

This is analogous to application developers being responsible for input validation, error handling, and secure coding practices.

Why This Matters

When responsibility is clear, adoption accelerates. Enterprises can deploy agents knowing that:

The governance platform guarantees enforcement
Their security team controls the policies
Their developers integrate the governance checks
Every decision is auditable

Nobody has to trust the AI model to "do the right thing." Trust is replaced by verification at every layer.

The Governance Stack

In practice, this shared responsibility model maps to a concrete governance stack:

Policies define what's allowed. They're versioned, reviewable, and testable, just like infrastructure-as-code. The organization owns these.

The runtime engine evaluates every tool call against active policies in real time. The platform owns this.

Escalation workflows route sensitive decisions to human reviewers. The organization designs these; the platform delivers them.

Audit trails record every decision. The platform guarantees integrity; the organization uses them for compliance.

Agent integration connects the agent to the governance layer. The developer owns this.

Moving Forward

The cloud shared responsibility model didn't emerge overnight. It took years of incidents, misunderstandings, and iteration before the industry settled on clear boundaries. AI agents are at the beginning of that same journey.

But we don't have to start from scratch. The pattern is proven: clear layers, clear ownership, clear accountability. The sooner the agent ecosystem adopts it, the sooner agents move from experimental to essential.

Tenet implements the shared responsibility model for AI agents. Platform-guaranteed governance, organization-defined policies, developer-friendly integration. See how it works →