Rate limits.
Bound how fast and how often an agent can act.
// policy
tool.calls ≤ 20 / hour / agent
A retry storm or a looping agent can hammer a tool or a vendor API into the ground in seconds, burning your quota and taking the downstream system down with it.
Hold an agent to a sane call rate — a set number of actions per minute or hour, scoped to one tool or across everything it does.
Intercept
The agent attempts an action. HiveKey catches it in the path — nothing reaches the tool yet.
Evaluate
Guard counts calls in a sliding window in the path and slows or blocks the agent the moment the rate is exceeded, before the downstream tool is ever hit.
Enforce & log
The verdict is enforced — allow, block, or route for approval — and written to the audit trail, attributable to the agent's owner.
Agent
attempts an action
HiveKey
scope · guard · log
Tool / MCP
only allowed actions
Built for security and platform teams.
Contain loops and retry storms before they spread
Protect downstream tools and vendor API quotas
Per-tool or fleet-wide limits, set per agent
Rate limits is one expression of Guard.
Every capability rides the same spine — Scope what an agent can do, Guard each action in the path, Log all of it on one trail.
Enforce every action your agents take.
Scope, guard, and log every action — and enforce it in the path, before anything happens.