New v0.8.0 — Closed-Loop Intervention shipped. Open source, MIT license. View on GitHub →
Early access · Design partners open

The reliability layer for AI agents that take real actions.

Every tool call is evaluated before execution: blocked if unsafe, escalated if risky, allowed if clean. Agents get smarter from every human decision.

Join waitlist · Book a demo

Works with LangGraph · LangChain · OpenAI Agents SDK · any Python agent

localhost:8000/v2 · AgentGate Dashboard
Overview · Failure modes · Escalations (1) · Audit log · Learning loop · Agents

Agent summary · Today
Your agent needs attention today.
your-agent handled 16 actions today. AgentGate caught 10 issues before they executed — mostly policy violation and session anomaly.
10 issues caught · $50k protected · 1 pending review · 5 auto-resolved

Unsafe actions caught: 10 (of 16 total today)
Financial protected: $50k (before execution)
Agent reliability: 54 (caution · 1 agent)
Pending review: 1 (awaiting decision)

What went wrong today
Policy violation: 2
Session anomaly: 2
High blast radius: 1
Goal drift: 1
Prompt injection: 1

Needs your review
Risk 75 · process_payment · $50,000 to Design Studio LLC — SOX flagged, blast: critical
Why this exists
95% of enterprise AI pilots delivered zero measurable return on investment (MIT NANDA Report, 2025)
$7.2M average sunk cost per abandoned AI initiative at large enterprises (S&P Global Market Intelligence, 2025)
80% of business leaders do not trust agentic AI for financial or operational tasks (PwC Global Survey, 2025)
11 detectors · 47 failure modes defined

Every way agents break in production.

Two detection boundaries — pre-execution before your tool runs, and post-execution before your agent reads the result.

prompt_injection · critical: Hidden instructions in user input redirect the agent to unauthorized actions
goal_hijacking · critical: Injected content reroutes the agent to a completely different objective
excessive_agency · high: Agent takes a much broader action than the task requires — scope creep
high_blast_radius · high: Action would have outsized financial or irreversible operational consequences
policy_violation · high: Tool call violates an explicit business rule defined in your policy YAML
goal_drift · high: Agent started one task and ended up attempting something entirely different
data_exfiltration · high: Agent attempting to send sensitive data to an unauthorized destination
session_anomaly · medium: Unusual velocity or call pattern detected within the current session
retry_storm · medium: Agent calling a failing tool repeatedly — wasted compute, degraded service
sequence_loop · medium: Agent repeating the same sequence of steps without making progress
pii_in_output · medium: Agent response contains sensitive personal data — scanned post-execution
+ 36 more · roadmap: Pro and Enterprise tiers — hallucination, memory drift, prompt poisoning, and more
How it works

Four steps, one integration.

01 · Intercept
Every tool call passes through AgentGate before execution. Blast radius is estimated, policy is checked, and all scorers run in parallel.

    gate = GatewayClient.from_env()
    decision = await gate.evaluate(tool_call)   # pre-execution boundary: runs before the tool
    if decision.is_allowed:
        result = await my_tool(**args)

02 · Decide
Unsafe actions are blocked. Risky ones go to a human reviewer with full context — original task, risk score, financial impact, and a verification checklist.
Every decision is logged with:
· oversight_authority (EU AI Act Art. 14)
· human-readable reason string
· full score breakdown

03 · Learn
Every human approval and rejection becomes labeled training data. AgentGate automatically raises thresholds, adds policy rules, and reduces the escalation rate.
Week 1: 20% escalation rate · 5 reviews/week
Week 3: 10% escalation rate · 1 review/week
Month 6: <5% — near autonomous

04 · Intervene
When something goes wrong, AgentGate tells your agent exactly what to do to recover — in the same session, before a human needs to get involved.

    elif decision.agent_guidance:
        # blocked, but the gate hands back a recovery hint the agent can act on in-session
        context.append({"role": "system", "content": decision.agent_guidance})
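A minimal version of the intercept, decide and intervene loop described in the four steps above, written here as an added illustration. It is not AgentGate's code: the POLICY values, the Decision fields and the evaluate/handle names are assumptions, and the process_payment figures mirror the dashboard example on this page.

```python
from dataclasses import dataclass
from typing import Callable, Optional

# Constructed policy standing in for a policy YAML (values are assumptions for this example).
POLICY = {
    "escalate_over_usd": 10_000,   # payments above this go to a human reviewer
    "block_over_usd": 250_000,     # above this the gate refuses outright
    "approved_payees": {"Design Studio LLC", "Acme Hosting"},
    "max_calls_per_session": 20,   # crude session-anomaly guard
}

@dataclass
class Decision:
    outcome: str                    # "allow" | "escalate" | "block"
    risk: int                       # 0-100 risk score
    reason: str                     # human-readable reason string for the audit log
    agent_guidance: Optional[str] = None  # recovery hint handed back to the agent

def evaluate(tool_call: dict, session_calls: int) -> Decision:
    """Pre-execution boundary: score the call before the tool runs."""
    name, args = tool_call["name"], tool_call["args"]
    if session_calls > POLICY["max_calls_per_session"]:
        return Decision("block", 90, "session_anomaly: per-session call budget exceeded",
                        "Stop and report progress to the user instead of retrying.")
    if name != "process_payment":
        return Decision("allow", 5, "no financial impact")
    amount, payee = args["amount_usd"], args["payee"]
    if payee not in POLICY["approved_payees"]:
        return Decision("block", 95, f"policy_violation: {payee!r} is not an approved payee",
                        "Ask the user to confirm the payee before attempting payment again.")
    if amount > POLICY["block_over_usd"]:
        return Decision("block", 99, "high_blast_radius: amount exceeds hard limit")
    if amount > POLICY["escalate_over_usd"]:
        return Decision("escalate", 75, f"high_blast_radius: ${amount:,} payment needs human review")
    return Decision("allow", 10, "within autonomous payment limit")

def handle(tool_call: dict, context: list, session_calls: int, execute: Callable):
    """Agent-side branching: allow -> run the tool, escalate -> park for review,
    block -> inject the gate's guidance as a system message so the agent can recover."""
    decision = evaluate(tool_call, session_calls)
    if decision.outcome == "allow":
        return decision, execute(**tool_call["args"])
    if decision.outcome == "escalate":
        return decision, {"status": "pending_review", "reason": decision.reason}
    if decision.agent_guidance:
        context.append({"role": "system", "content": decision.agent_guidance})
    return decision, None
```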
Design partners & early customers

Join the waitlist.

We are working with a small group of engineering teams running agents in production who want a reliability layer without building one themselves.

Free Pro tier access through end of 2026
Direct integration support from the founder
Your failure modes prioritised on the roadmap
Running in your environment in under 20 minutes
Best fit: LangGraph, LangChain, or OpenAI Agents SDK
Request access
We review every submission personally and reply within 24 hours.
Book a demo

No spam. We reply personally within 24 hours.
