Agent Spend Policy Template
Generate a practical YAML or JSON policy for AI agent budgets, per-request caps, MCP tool costs, delegation limits, revocation, and audit fields.
Configure the policy
YAML policy
policy: coding-agent-spend-policy
mode: control
agent:
  id: coding-agent
  workload: coding
  risk_tier: medium
identity:
  require_agent_id: true
  require_tenant_id: true
  require_task_id: true
budgets:
  daily_usd: 500
  session_usd: 25
  per_request_usd: 1
  on_exhausted: block
routes:
  - path: /v1/responses
    model: premium-code-model
    max_request_usd: 1
mcp_tools:
  - name: repo_search
    max_call_usd: 5
    risk_tier: medium
    on_budget_exhausted: block
delegation:
  allowed: true
  child_budget_pct: 20
  child_expiry_minutes: 60
credentials:
  type: revocable_capability
  expiry_minutes: 240
  revoke_on_loop: true
  revoke_on_policy_violation: true
audit:
  include:
    - tenant_id
    - agent_id
    - task_id
    - route
    - model
    - mcp_tool
    - estimated_cost_usd
    - remaining_budget_usd
    - policy_decision
    - credential_id
    - revocation_state

JSON policy
{
  "policy": "coding-agent-spend-policy",
  "mode": "control",
  "agent": {
    "id": "coding-agent",
    "workload": "coding",
    "risk_tier": "medium"
  },
  "identity": {
    "require_agent_id": true,
    "require_tenant_id": true,
    "require_task_id": true
  },
  "budgets": {
    "daily_usd": 500,
    "session_usd": 25,
    "per_request_usd": 1,
    "on_exhausted": "block"
  },
  "routes": [
    {
      "path": "/v1/responses",
      "model": "premium-code-model",
      "max_request_usd": 1
    }
  ],
  "mcp_tools": [
    {
      "name": "repo_search",
      "max_call_usd": 5,
      "risk_tier": "medium",
      "on_budget_exhausted": "block"
    }
  ],
  "delegation": {
    "allowed": true,
    "child_budget_pct": 20,
    "child_expiry_minutes": 60
  },
  "credentials": {
    "type": "revocable_capability",
    "expiry_minutes": 240,
    "revoke_on_loop": true,
    "revoke_on_policy_violation": true
  },
  "audit": {
    "include": [
      "tenant_id",
      "agent_id",
      "task_id",
      "route",
      "model",
      "mcp_tool",
      "estimated_cost_usd",
      "remaining_budget_usd",
      "policy_decision",
      "credential_id",
      "revocation_state"
    ]
  }
}

What a useful agent spend policy covers
A policy is useful only if it can be enforced before the next model, API, or MCP tool call. These are the fields that make spend governable.
Budgets
Daily, session, per-request, route, model, and MCP tool caps.
Tools
Per-tool price, risk tier, deny behavior, and audit fields for MCP servers.
Credentials
Scoped capabilities with expiry, revocation, and loop-kill behavior.
Delegation
Sub-agent budget percentages, shorter expiry, and attenuated authority.
Audit
Tenant, agent, task, route, model, tool, cost, budget, and decision fields.
Mode
Observe first, Control when trusted thresholds are clear, Charge when robot customers pay.
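One way to evaluate these fields before a call is made, as an added example that is not SatGate's code or part of the original page. The function names, rule names, and the `reason` field are hypothetical; it assumes `per_request_usd` applies to model routes only, that unlisted routes and tools are denied, and that Observe mode logs a violation without blocking.

```python
# Added example. Field semantics are an interpretation of the template, not SatGate's code.
POLICY = {  # subset of the template's values
    "mode": "control",
    "identity": ["agent_id", "tenant_id", "task_id"],
    "budgets": {"daily_usd": 500, "session_usd": 25, "per_request_usd": 1},
    "routes": {"/v1/responses": 1},   # path -> max_request_usd
    "mcp_tools": {"repo_search": 5},  # name -> max_call_usd
    "delegation": {"allowed": True, "child_budget_pct": 20},
}
WINDOWS = ("session_usd", "daily_usd")

def violation(policy, spent, req):
    """Return the first rule the call would break, or None. Unknown routes/tools are denied."""
    cost, b = req["estimated_cost_usd"], policy["budgets"]
    missing = [f for f in policy["identity"] if not req.get(f)]
    if missing:
        return "missing_" + missing[0]
    if req.get("mcp_tool"):
        cap = policy["mcp_tools"].get(req["mcp_tool"])
        label = "tool"
    else:
        cap = policy["routes"].get(req.get("route"))
        if cap is not None:
            cap = min(cap, b["per_request_usd"])
        label = "route"
    if cap is None:
        return "unknown_" + label
    if cost > cap:
        return label + "_cap_exceeded"
    for w in WINDOWS:
        if spent[w] + cost > b[w]:
            return w + "_exhausted"
    return None

def decide(policy, spent, req):
    """Decide before the call; return the audit record and update spend if allowed."""
    reason = violation(policy, spent, req)
    # Assumed mode semantics: "observe" logs the violation, "control" blocks it.
    blocked = reason is not None and policy["mode"] != "observe"
    if not blocked:
        for w in WINDOWS:
            spent[w] += req["estimated_cost_usd"]
    remaining = min(policy["budgets"][w] - spent[w] for w in WINDOWS)
    fields = ("tenant_id", "agent_id", "task_id", "route", "mcp_tool", "estimated_cost_usd")
    return {**{f: req.get(f) for f in fields}, "remaining_budget_usd": remaining,
            "policy_decision": "block" if blocked else "allow", "reason": reason}

def child_budget(policy, parent_remaining_usd):
    """Attenuated budget for a delegated sub-agent (0 when delegation is off)."""
    d = policy["delegation"]
    return parent_remaining_usd * d["child_budget_pct"] / 100 if d["allowed"] else 0
```

The `spent` counters are updated only when a call is allowed, so a blocked request never consumes budget.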
Turn templates into enforcement.
SatGate sits in the request path and applies these policies before agents spend money, call MCP tools, delegate work, or unlock paid API access.