Agent Commerce · Features
AI agent spending limits
Spending limits define the maximum an autonomous AI agent can spend — per transaction, per day, or per merchant. They are the foundational control for safe autonomous commerce.
In Agent Commerce, spending limits are enforced by the payment policy engine before any payment executes — not monitored after the fact. If a request exceeds a limit, it is blocked or held for human review before money moves.
Types of spending limits
Agent Commerce supports five limit types, applied independently or in combination.
Per-transaction limit
Sets the maximum amount for a single payment. Any request that exceeds this ceiling is blocked or escalated to human review before execution — regardless of cumulative spend.
Daily spend limit
Caps total agent spend within a rolling 24-hour window. The policy engine tracks cumulative authorized spend and blocks new requests once the daily ceiling is reached.
Merchant allowlist limit
Restricts the agent to a defined list of approved vendors. Payments to any merchant not on the allowlist are blocked at policy evaluation — not rejected after the fact.
Purpose-tag ceiling
Applies separate limits to different spend categories. An agent can have a $500/day limit for 'api-access' payments and a separate $50/transaction limit for 'data-purchase' payments.
Human review threshold
Any request above a configurable dollar threshold is held for explicit human approval. No payment executes until a reviewer approves — the agent cannot override this.
How limits are enforced
Limits are enforced at request time — before execution, not after.
Request received
The agent submits a spend request: amount, merchant, rail, currency, and purpose tag.
Policy checks limits
The policy engine evaluates the request against all applicable limits: per-transaction ceiling, daily cumulative spend, merchant allowlist, and purpose-tag caps.
Decision returned
authorized if within all limits; blocked if a limit is exceeded; needs_review if the amount is above the human review threshold. The reason is recorded.
Record written
The authorization decision — including which limit was applied and the policy version — is written as a lineage entry before any payment executes.
Receipt issued on execution
Authorized payments produce an Ed25519-signed receipt. The receipt includes the authorized amount, policy decision, and rail confirmation — independently verifiable.
Before vs. after enforcement
Most payment systems do not enforce limits — they monitor for violations after payments execute. That means money has already moved by the time the violation is detected, and reversal is not guaranteed.
Agent Commerce enforces limits at the policy evaluation stage. If a request exceeds a limit, the decision is blocked before dispatch to the rail. There is no payment to reverse — because no payment was made.
Traditional monitoring
- ✗ Payment executes first
- ✗ Violation detected after the fact
- ✗ Reversal is not guaranteed
- ✗ No pre-execution record
Agent Commerce enforcement
- ✓ Limits evaluated before dispatch
- ✓ Blocked requests never execute
- ✓ Every decision recorded with reason
- ✓ Signed receipt on execution
Frequently asked questions
What happens when an agent exceeds its spending limit?
The payment policy engine returns a blocked decision before any payment executes. No money moves. The blocked decision is recorded as a lineage entry — including the reason and the limit that was exceeded — creating a full audit trail of the attempted spend.
Can an AI agent override its own spending limits?
No. Spending limits are enforced by the payment policy engine, not by the agent itself. The agent cannot modify its own policy or approve its own blocked requests. Policy changes require explicit configuration updates through a separate administrative path.
What is a human review threshold?
A human review threshold is a per-transaction amount above which the policy engine automatically returns needs_review instead of authorized. The payment is held until a designated human reviewer explicitly approves or rejects it. The agent cannot proceed without that approval.
Are spending limits enforced before or after payment?
Before. Agent Commerce enforces limits at policy evaluation time — before any payment is dispatched to a rail. This is a fundamental difference from post-hoc monitoring: no money moves on a request that exceeds a limit, so there is nothing to reverse.
Can I set different limits for different agents?
Yes. Each agent operates under its own policy configuration. You can assign a different per-transaction ceiling, daily limit, merchant allowlist, and human review threshold to each agent — or assign groups of agents to shared policy profiles.
Configure spending limits for your agents
Agent Commerce gives you policy-layer control over every agent payment — before money moves.