Show HN: AgentGuard – Auto-kill AI agents before they burn through your budget (github.com)

47 points by dipampaul17 ↗ HN
Your AI agent hits an infinite loop and racks up $2000 in API charges overnight. This happens weekly to AI developers.

AgentGuard monitors API calls in real-time and automatically kills your process when it hits your budget limit.

How it works:

Add 2 lines to any AI project:

  const agentGuard = require('agent-guard');
  await agentGuard.init({ limit: 50 }); // $50 budget

  // Your existing code runs unchanged
  const response = await openai.chat.completions.create({...});
  // AgentGuard tracks costs automatically
When your code hits $50 in API costs, AgentGuard stops execution and shows you exactly what happened.

Why I built this:

I got tired of seeing "I accidentally spent $500 on OpenAI" posts. Existing tools like tokencost help you measure costs after the fact, but nothing prevents runaway spending in real-time.

AgentGuard is essentially a circuit breaker for AI API costs. It's saved me from several costly bugs during development.

Limitations: Only works with OpenAI and Anthropic APIs currently. Cost calculations are estimates based on documented pricing.

Source: https://github.com/dipampaul17/AgentGuard

Install: npm i agent-guard

9 comments

[ 6.6 ms ] story [ 34.6 ms ] thread
So this is essentially monkey-patching every variation of fetch/library fetch and doing math on the reported token counts?

It's an... intrusive solution. Glad to hear it works for you though.

So it monkey-patches a set of common http libraries and then detects calls to AI APIs? Not obvious which APIs it would detect or in what situations it would miss them. Seems kind of dangeorus to rely on something like that. You install it and it might be doing nothing, You only find out after somethings gone wrong.

If I was using something like this I think I'd rather have it wrap the AI API clients. Then it can throw an error if it doesn't recongise the client library I'm using. This way it'll just silently fail to monitor if what I'm using isn't in its supported list (whatever that is!)

I do think the idea is good though, just needs to be obvious how it will work when used and how/when it will fail.

I really wonder how much $$$ was burned while testing this against production.
So that's how AGI will escape containment.
Honestly feels very vibe-coded [1] [2] and would not really trust my money with something like this. I had to read the code to understand what it actually protects me from, as the README.md (other than telling me it's production-ready, professional, and protects me from so much!) tells me "Supports all major providers: OpenAI, Anthropic, auto-detected from URLs". OpenAI and Anthropic are "all" major providers [3]?

[1] https://github.com/dipampaul17/AgentGuard/blob/51395c36809aa...

[2] https://github.com/dipampaul17/AgentGuard/commit/d49b361d7f3...

[3] https://github.com/dipampaul17/AgentGuard/blob/083ae9896459b...

Wouldn't the obvious solution to this problem to stop using agents that don't respect your usage limits instead of trying to build sketchy containers around misbehaving software?
"Commit 2ef776f dipampaul17 committed Jul 31, 2025 · Update READMEs: honest, clear, aesthetic - Removed pretentious language and marketing speak - Added real developer experience based on actual testing - Clear, direct explanations of what it actually does - Aesthetic improvements with better formatting - Accurate feature descriptions based on verified functionality - Honest about capabilities without overselling - Reflects the 30-second integration we tested

The README now matches what developers actually experience: two lines of code, automatic tracking, no code changes needed."

Hey OP - next time perhaps at least write the commit messages yourself?

Expand it to "enterprise security solutions for agent deployments" and you will get VC funding for it. For any new technology, the playbook is create startups that do: "compliance", "governance", "security", "observability" around that technology. So, the big security companies can acquire said startup and add it as a feature to their existing products.

While you are at it, use the term "guardrails" as that is quite fashionable.