Free agent budget policy template

Agent Budget Policy Template

Generate practical YAML or JSON policy for AI agent authority, budgets, per-request caps, MCP tool costs, delegation limits, revocation, receipts, and Evidence Pack fields.

Generate template See Policy-to-Proof

Configure the policy

This template is deliberately conservative. Start in Observe, then enforce Control once you know normal request and tool economics, with receipts captured for every policy decision.

YAML policy

policy: coding-agent-budget-policy
mode: control
agent:
  id: coding-agent
  workload: coding
  risk_tier: medium
identity:
  require_agent_id: true
  require_tenant_id: true
  require_task_id: true
budgets:
  daily_usd: 500
  session_usd: 25
  per_request_usd: 1
  on_exhausted: block
routes:
  - path: /v1/responses
    model: premium-code-model
    max_request_usd: 1
mcp_tools:
  - name: repo_search
    max_call_usd: 5
    risk_tier: medium
    on_budget_exhausted: block
delegation:
  allowed: true
  child_budget_pct: 20
  child_expiry_minutes: 60
credentials:
  type: revocable_capability
  expiry_minutes: 240
  revoke_on_loop: true
  revoke_on_policy_violation: true
audit:
  include:
    - tenant_id
    - agent_id
    - task_id
    - route
    - model
    - mcp_tool
    - estimated_cost_usd
    - remaining_budget_usd
    - policy_decision
    - decision_reason
    - policy_version
    - receipt_id
    - evidence_pack_id
    - credential_id
    - revocation_state

JSON policy

{
  "policy": "coding-agent-budget-policy",
  "mode": "control",
  "agent": {
    "id": "coding-agent",
    "workload": "coding",
    "risk_tier": "medium"
  },
  "identity": {
    "require_agent_id": true,
    "require_tenant_id": true,
    "require_task_id": true
  },
  "budgets": {
    "daily_usd": 500,
    "session_usd": 25,
    "per_request_usd": 1,
    "on_exhausted": "block"
  },
  "routes": [
    {
      "path": "/v1/responses",
      "model": "premium-code-model",
      "max_request_usd": 1
    }
  ],
  "mcp_tools": [
    {
      "name": "repo_search",
      "max_call_usd": 5,
      "risk_tier": "medium",
      "on_budget_exhausted": "block"
    }
  ],
  "delegation": {
    "allowed": true,
    "child_budget_pct": 20,
    "child_expiry_minutes": 60
  },
  "credentials": {
    "type": "revocable_capability",
    "expiry_minutes": 240,
    "revoke_on_loop": true,
    "revoke_on_policy_violation": true
  },
  "audit": {
    "include": [
      "tenant_id",
      "agent_id",
      "task_id",
      "route",
      "model",
      "mcp_tool",
      "estimated_cost_usd",
      "remaining_budget_usd",
      "policy_decision",
      "decision_reason",
      "policy_version",
      "receipt_id",
      "evidence_pack_id",
      "credential_id",
      "revocation_state"
    ]
  }
}

What a useful agent budget policy covers

A policy is useful only if it can be enforced before the next model, API, or MCP tool call. These are the fields that make authority, budget, and proof governable.

Budgets

Daily, session, per-request, route, model, and MCP tool caps.

Tools

Per-tool price, risk tier, deny behavior, receipt fields, and Evidence Pack ids for MCP servers.

Credentials

Scoped capabilities with expiry, revocation, and loop-kill behavior.

Delegation

Sub-agent budget percentages, shorter expiry, and attenuated authority.

Audit

Tenant, agent, task, route, model, tool, spend context, budget, decision, receipt id, and Evidence Pack id.

Mode

Observe first, Control when trusted thresholds are clear, and capture receipts for every policy decision.

FAQ

Agent budget policy questions

What is an agent budget policy?

An agent budget policy defines the budgets, per-request limits, route rules, MCP tool caps, delegation limits, revocation behavior, receipts, and Evidence Pack fields that should be checked before autonomous agent requests execute.

Why should budget policy be enforced in the request path?

Autonomous agents can loop, retry, delegate, and call expensive tools faster than dashboards or alerts can react. Request-path enforcement blocks over-budget activity before cost is created.

How does this template relate to SatGate?

SatGate is the economic firewall that can enforce authority and budget policy in the request path across model calls, APIs, MCP tools, revocable credentials, delegation, Evidence Pack receipts, and Evidence Pack exports.

What fields should every AI agent budget policy include?

Every AI agent budget policy should include tenant, agent, task, route, model, tool, per-request cap, session budget, daily budget, delegation limits, credential expiry, revocation triggers, receipt ids, policy versions, and Evidence Pack fields.

Should agent budget policy start in Observe or Control mode?

Most teams should start in Observe to learn normal spend patterns, then move high-risk agents, expensive tools, and external-facing workflows into Control mode with hard caps and revocation.

Turn this policy into proof.

SatGate checks authority before execution, records every policy decision as a receipt, and packages evidence for review in an Evidence Pack.

Govern agent execution Create Evidence Pack trail