Infinite Loops
Agent retries the same failing call 50 times before giving up.
Open source ยท MIT ยท Python 3.9+
AgentBrake
The circuit breaker for LLM agents in production.
pip install agentbrake
The problem
Your agents are running unsupervised.
Observability tells you it happened. AgentBrake stops it from happening.
Budget Blowups
A runaway agent burns $200 in tokens overnight.
Privilege Escalation
Agent calls delete_database because a user prompt-injected it.
The solution
3 lines of code. Full protection.
Wrap your tool-dispatch function. If the agent loops, blows the budget, or calls something off the allowlist, it stops โ before the tool runs.
import agentbrake
agentbrake.init(allowed_tools=["search", "read_file"], budget_usd=5.0)
@agentbrake.guard()
def call_tool(name: str, args: dict):
return my_tools[name](**args)That's it. On a trip, call_tool raises AgentBrakeInterrupt ๐ instead of executing โ catch it and handle the LOOP, BUDGET, or ESCALATION reason however you like.
How it works
Detect โ Interrupt โ Validate
Every tool call passes through the SDK before it ever runs.
Detect
SDK monitors every tool call for loops, budget overruns, and unauthorized tools.
Interrupt
Stops the agent mid-run before damage happens. Not after.
Validate
Sends a link to Slack/browser. Human approves or kills in one click.
Comparison
Enforcement, not just observability.
The others show you what your agent did. AgentBrake is the brake pedal โ it acts before the tool executes.
| Tool | Approach | When it acts | Self-hosted |
|---|---|---|---|
| AgentBrake Best | Enforcement (circuit breaker) | Before damage (mid-run) | โ Yes (MIT) |
| LangSmith | Observability + guardrails | After + during | โ No (cloud) |
| Helicone | Observability + caching | After | โ Yes (open core) |
| AgentOps | Observability + replay | After | โ No (cloud) |
We don't compete with these โ we complement them. Run AgentBrake as your last line of defense before the tool actually executes.