feat: RemoteGuard — remote kill switch for AI agents#219
Open
feat: RemoteGuard — remote kill switch for AI agents#219
Conversation
The differentiator: stop agents from a dashboard, not just watch them fail. - RemoteGuard: polls dashboard /api/v1/status for kill signals and budget updates via background thread. Falls back gracefully on network failure. - AgentKilled exception: raised when dashboard sends kill signal. - BudgetGuard.from_remote(): fetch budget config from dashboard API with local fallback defaults. - HttpSink heartbeat: periodic heartbeat events with guard state so the dashboard knows the agent is alive and current spend. - 17 new tests (530 total), 93.73% coverage, all architectural invariants pass. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
Bandit B310 flagged urllib.urlopen for allowing file:// schemes. Added explicit http/https scheme validation before urlopen calls and nosec comments on validated lines. Also trimmed docstrings to stay under 800-line module limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
RemoteGuard— new guard that polls the dashboard/api/v1/statusendpoint via a background thread. When the dashboard sends a kill signal,check()raisesAgentKilled. LinkedBudgetGuardlimits are updated in-place from remote budget changes. Falls back gracefully on network failure (agent keeps running with local guards).BudgetGuard.from_remote()— class method that fetches initial budget config from the dashboard API with local fallback defaults.HttpSinkheartbeat — newheartbeat_intervalandheartbeat_guardsparams emit periodic heartbeat events with current guard state, so the dashboard knows the agent is alive and its current spend.This is the SDK side of the remote kill switch (Move 1 of the platform-first strategy). The dashboard API endpoints (
POST /api/v1/agents/:id/kill,GET /api/v1/status) are the next step in the dashboard repo.What changed
sdk/agentguard/guards.pyAgentKilledexception, +RemoteGuardclass, +BudgetGuard.from_remote()sdk/agentguard/__init__.pysdk/agentguard/sinks/http.pysdk/tests/test_guards.pysdk/tests/test_http_sink.pysdk/tests/test_exports.pysdk/tests/test_architecture.pyRemoteGuardtoTHREAD_SAFE_CLASSESDesign decisions
urllib.request(same as HttpSink)_lockon all mutable state, added toTHREAD_SAFE_CLASSESTest plan
RemoteGuardreceives kill signal → raisesAgentKilledRemoteGuardreceives budget update → modifies linkedBudgetGuardauto_check()delegates tocheck()reset()clears kill statestart()is idempotentBudgetGuard.from_remote()fetches remote configBudgetGuard.from_remote()falls back on network failure🤖 Generated with Claude Code