If AI agents can spend money, who's holding the credit card?
I built a memory API agents can pay for. The actual problem isn't whether they can pay. It's per-tool caps, per-agent budgets, kill switches, and spend visibility.
I built a memory API that AI agents can pay for. $0.001 per call in USDC on Base. The demo at bmdpat.com/memory/demo shows real money move in real time.
Cool.
Now multiply that by every paid API your agent stack will eventually consume. Search. Inference. Vector DB. Scrapes. Memory. A typical 4-tool agent loop hits five priced endpoints per turn. A long-running task does this thousands of times a day.
A single rogue loop drains a wallet in minutes.
This is the actual problem. Not "can agents pay?" but:
- What's the per-tool cap?
- What's the per-agent budget?
- How do you kill an agent that's spending too fast?
- Who sees the spend by category, by agent, by hour?
The shape of the controls
The right place for these controls is at the SDK boundary, before the call goes out. Once an HTTP request leaves your process, the money is committed. You need to gate spend at the call site, not in a billing dashboard you check on Monday.
That means:
- Budgets the SDK enforces on every priced call. Hit the cap, the call short-circuits with a clean error.
- Per-tool caps so a single vector DB query that goes wrong can't accidentally cost $50.
- Rate limits so a runaway loop doesn't pile up calls before your monitor catches up.
- Kill switches with a one-line API. When something looks wrong, you stop the agent in one call from any other process.
- Spend visibility per agent, per tool, per hour. So you can see what's normal and what isn't.
Without these, "agents can pay" is a footgun. With them, it's a real product surface.
Why this is the actual product
Memory was the demo. It is small, concrete, and ships in a few hundred lines of Next.js middleware. The point of the demo isn't memory storage. It's proving the protocol works end-to-end with real money.
The product is the controls. Companies will not deploy agents that hold a wallet without runtime guardrails. Solo builders will not run an autonomous loop overnight without a budget cap. The whole agentic-payments wave runs into this wall the moment it hits production.
AgentGuard
Runtime spend controls for AI agents:
- Budgets the SDK enforces before the call goes out
- Per-tool caps so one bad call can't spike the bill
- Kill switches with a one-line API
- Spend visibility per agent, per tool, per hour
The memory API was the demo. AgentGuard is the product.
Want more like this?
AI agent builds, real costs, what works. M-F only when there is something worth sending. No fluff.
Patrick Hughes
Building BMD HODL — a one-person AI-operated holding company. Nashville, Tennessee. Twenty-Two agents.
More writing
- 4 min
Stop Telling People You Have 11 AI Agents
Agent count is a vanity metric. It tells you about volume, not value. Here is what I track instead after running a one-person AI fleet.
- 5 min
Your AI agent doesn't need memory. It needs a file.
I run a one-person company on scheduled agents and gave almost none of them memory. They write to files instead. Here is why that wins.
- 6 min
How to Close the AI Agent Cost Gap at the Call Site
The cost gap between what an AI agent could cost and what it does cost is 40%. You close it at the call site, not in a dashboard. Here is how.