I deployed my first autonomous purchasing agent on a Tuesday.
Four lines of orchestration. An x402 payment rail. A prompt that said: "buy GPU compute when under 70% utilization."
I went to sleep feeling like I had shipped the future.
The $12,400 Wake-Up Call
I woke up to Stripe notifications. The agent had:
- Hit a rate-limit at 2:14 AM and retried the purchase 40 times
- Bought compute from a vendor I had never heard of
- Tipped an API into overage tier
Total damage: $12,400. In seven hours. While I was sleeping.
The Problem Wasn't the Agent
The agent did exactly what I told it to do. The problem was that nobody was checking before the money moved. Every autonomous agent framework gives agents the ability to spend money — but none have a spending policy the agent can't override.
What I Built
sipi.bot — a pre-spend firewall for autonomous AI agents. Before any agent buys compute, API credits, ads, or SaaS, it calls one HTTP endpoint. sipi.bot answers in under 5ms with APPROVED, BLOCKED, or FLAGGED.
The Six Rules That Would Have Saved Me $12,400
- Per-transaction cap — blocks any single spend over your ceiling
- Velocity limit — kills retry loops at attempt #3, not #40
- Merchant allowlist — unknown vendors blocked by default
- Daily total — catches aggregate before it hits five figures
- Category rules — compute capped, no wires ever
- Time-of-day rule — 2 AM unattended spend flagged for review
MCP-native for Claude Code, Cursor, and Hermes. MIT-licensed, self-hostable. Free tier: 5,000 checks/month.
Top comments (0)