(no title)

One thing we’ve noticed though: spend caps stop damage, but they don’t prevent pathological behavior. By the time the cap trips, the agent has already drifted.

We’ve been experimenting with pre-authorization per action (reserve → commit style) rather than just per-key ceilings. It lets you detect anomalous patterns before the burn accumulates — especially in looping or tool-chaining scenarios.

Curious — have you seen most overruns come from loops, retries, or just high-token completions?