# Policy-driven agent execution: budgets, approvals, and risk scores
Agents should negotiate for permission, not assume it. This blueprint shows how to embed budgets, approvals, and risk scoring directly into your MCP tool contracts.
## Budgets everywhere
- Track time, cost, requests, and side-effect quotas per task.
- Expose remaining budget to the agent; degrade gracefully when low.
## Risk scoring before execution
- Compute a risk score from context: data sensitivity, tool type, blast radius, and novelty.
- Gate high-risk invocations behind approvals or extra verifications.
## Approvals as a first-class surface
- Add `request_approval` tools with structured payloads and audit trails.
- Support synchronous (blocking) and asynchronous (queue) paths.
## Progressive authorization
- Start with read-only scopes; escalate stepwise with evidence and human sign-off.
## Telemetry and audit
- Log arguments (with redaction), decisions, and outcomes to a tamper-evident store.
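
One way to wire the budget check, the risk gate, and the tamper-evident log from the sections above into a single tool-call path. This is an added example, not code from the original post: the weights, the threshold, the redaction keys, and all function names are assumptions, and a SHA-256 hash chain stands in for whatever tamper-evident store you use.

```python
import hashlib, json

# Hypothetical weights, threshold, and redaction keys; tune to your own risk model.
WEIGHTS = {"data_sensitivity": 0.4, "tool_type": 0.2, "blast_radius": 0.3, "novelty": 0.1}
APPROVAL_THRESHOLD = 0.6
REDACT_KEYS = {"password", "token", "api_key"}

def risk_score(ctx):
    """Weighted sum of the four context factors, each clamped to [0, 1]."""
    return round(sum(WEIGHTS[k] * min(max(ctx[k], 0.0), 1.0) for k in WEIGHTS), 3)

def decide(ctx, budget, cost, approved=False):
    """Return (decision, score): deny on exhausted budget, gate on high risk."""
    score = risk_score(ctx)
    if cost > budget["remaining"]:
        return "deny_budget", score
    if score >= APPROVAL_THRESHOLD and not approved:
        return "needs_approval", score
    return "allow", score

class AuditLog:
    """Hash-chained log: each entry commits to the previous entry's hash."""
    def __init__(self):
        self.entries, self.head = [], "0" * 64

    def append(self, tool, args, decision, score):
        # Redact sensitive argument values before they are hashed or stored.
        safe = {k: "[REDACTED]" if k in REDACT_KEYS else v for k, v in args.items()}
        body = {"tool": tool, "args": safe, "decision": decision, "score": score, "prev": self.head}
        self.head = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
        self.entries.append({**body, "hash": self.head})

    def verify(self):
        """Recompute every hash and link; any edited entry breaks the chain."""
        prev = "0" * 64
        for e in self.entries:
            body = {k: v for k, v in e.items() if k != "hash"}
            digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
            if e["prev"] != prev or digest != e["hash"]:
                return False
            prev = e["hash"]
        return True

def gated_call(log, budget, tool, args, ctx, cost, approved=False):
    """Score, decide, log, and charge the budget only when the call is allowed."""
    decision, score = decide(ctx, budget, cost, approved)
    log.append(tool, args, decision, score)
    if decision == "allow":
        budget["remaining"] -= cost
    return decision
```

Denied and pending decisions are logged as well as allowed ones, so the audit trail shows what the agent attempted, not only what ran.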
---
Policy isn’t a formality—it’s how you move fast safely. Put it in the contract so your agents can collaborate with the rest of your organization.