What is a protected action?

A protected action is any real agent tool or API call SafeRun checks before execution — such as a refund, payment, CRM update, email send, database write, delete action, internal API call, or production change. Internal LLM calls and model reasoning steps are not counted.

How is this different from LangSmith or Langfuse?

Those tools help teams observe, trace, and debug what agents did. SafeRun sits before tool execution and decides whether a risky action should run at all. It is an action-control layer, not observability.

Does my data leave my infrastructure?

SafeRun supports both managed and self-hosted deployments. Enterprise teams can run the full stack inside their VPC.

What frameworks do you support?

SafeRun works with Python and TypeScript agents, including OpenAI Agents SDK, Anthropic SDKs, LangGraph, LangChain, Vercel AI SDK, and MCP tool calls.

Can I write custom policies?

Yes. Policies are code. Write them in Python or TypeScript, version them in Git, test them, and deploy them like any other application logic.

When should I move from Dev to Team?

Start with Dev to test SafeRun in test mode. Move to Team when you're ready to protect production agent actions and need approval workflows, team access, and the Agent Action Safety Report.

Start in test mode

Runtime action-control for AI agents

Stop risky AI agent actions before they execute.

Replay the failure. Prevent the next one.

SafeRun sits before tool calls like refunds, emails, database writes, CRM updates, payments, and internal APIs. It can pause, block, or request approval, then capture the decision context so teams can create rules that prevent repeats.

Start in test mode See sample replay View pricing

The moment SafeRun matters

One refund. One pause. One rule.

A support agent is about to refund $1,800 because it misread a cancellation email. SafeRun sees the refund exceeds policy, pauses the action before Stripe is called, captures the agent plan, tool arguments, context, and policy decision, then turns the failure into a rule for future runs.

01Agent plans refund

02SafeRun checks

03Action paused

04Replay captured

05Rule created

06Repeat prevented

The product

Built around the action, not just the log.

Control room

Product preview

See what needs review and what is running safely.

Awaiting review3

Allowed (last 1h)127

Blocked2

Incident report

Product preview

Inspect the decision-time context behind one action.

agent.plan
tool.args
policy.match
decision: paused

Policy catalog

Product preview

Turn repeated risks into approval or blocking rules.

refund.amount > $500 → approval
delete_customer → block
email.bulk → throttle

Safety report

Product preview

Package action-safety evidence for design partners.

Actions checked

1,284

Approvals

Blocked

Rules created

Positioning

Not another observability dashboard.

Observability shows what happened after execution. SafeRun decides whether risky agent actions should execute at all.

After the fact

Observability

Shows what happened after execution
Helps debug systems
Tracks logs, traces, metrics, and evals

Action control

SafeRun

Checks risky actions before execution
Pauses, blocks, or requests approval
Captures decision-time context
Turns failures into rules

Runs alongside observability

They watch the system. SafeRun controls the action.

Use LangSmith, Honeycomb, New Relic, Datadog, or your existing observability stack to understand the broader system. SafeRun sits at the action boundary and decides whether risky tool calls should execute.

Observability stack

Traces, logs, metrics, and evals across the whole system. Answers "what happened?"

LangSmithHoneycombNew RelicDatadogLangfuseOpenTelemetry

SafeRun

Approval before execution at the tool boundary. Answers "should this run?"

agent → SafeRun check → tool call

Built for engineers and operations teams

Engineering wraps the tool. Ops owns the rules.

Engineers install SafeRun before tool calls. Operations, support, risk, and compliance teams use the review queue, policy catalog, and safety report to manage risky agent actions without filing engineering tickets for every rule change.

01Engineer wraps tool calls

02SafeRun catches risky actions

03Ops reviews approval requests

04Team creates prevention rules

05Leaders review safety report

DIY guardrails don't scale

Stop hand-writing guardrails around every tool.

Teams start with a few if-statements. Then come thresholds, approvals, retries, policy changes, audit trails, and scattered logic across every agent. SafeRun gives teams one shared action-control layer.

Who it's for

Built for agents with write access.

SafeRun is for engineering teams deploying agents that touch customer, financial, or production systems.

Refunds and creditsCRM updatesSupport emailsDatabase writesPaymentsInternal API actionsProduction changes

Drop-in integration

Wrap your tool calls. Keep your stack.

SafeRun works with Python and TypeScript agents, including OpenAI Agents SDK, Anthropic, LangGraph, LangChain, Vercel AI SDK, and MCP tool calls. The framework stays. SafeRun sits in front of the tool call.

agent.pypython

from saferun import guard

@guard(agent="support-agent", tool="stripe.refund")
def refund_customer(amount, customer_id, reason):
    return stripe.Refund.create(
        amount=amount,
        customer=customer_id,
        reason=reason,
    )

Sample replay

See the action before it becomes an incident.

A guided walk-through of one paused action and the replay SafeRun captures.

Action · pausedProduct preview

support-agent-v2 attempted stripe.refund for $1,800

Replay timeline

Customer requested refund
01 · user message
Agent selected stripe.refund
02 · tool call
Tool arguments: amount = $1,800, customer_id = cus_9281
03 · args
Policy check: refund amount exceeds $500 limit
04 · policy
Decision: paused for human approval
05 · decision
Replay saved with full context
06 · audit
Suggested prevention rule drafted
07 · rule

Metadata

Agentsupport-agent-v2

Toolstripe.refund

RiskHigh

DecisionRequires approval

StatusPaused

Run IDrun_8f42

Pricing

Priced around protected actions, not generic logs.

A protected action is a real tool or API action SafeRun checks before execution: refunds, payments, database writes, emails, CRM updates, internal API calls, deletes, or production changes.

Dev

Free

Developers testing SafeRun locally or in test mode.

Test environment
Limited protected actions
Basic replays
Quickstart
Python and TypeScript SDKs

Team

$99/month

Teams deploying agents with real tool access.

Production protected actions
Approval requests
Policy catalog
Replay history
Agent Action Safety Report

Scale

$499/month

Teams running multiple agents or higher action volume.

Higher protected-action volume
Multiple environments
Longer replay retention
Advanced reporting
Priority onboarding

Enterprise

Custom

Regulated or security-sensitive teams.

SSO
Audit logs
Compliance retention
Private deployment / VPC option
Custom policies
Dedicated support

Billing is not active in-app yet. Design partners can start in test mode and move to a paid pilot once the protected-action workflow is validated.

Give production agents a checkpoint before they act.

If your agent can refund, delete, email, update customer data, write to a database, call internal APIs, or touch production systems, SafeRun can help you test the action-control layer before you scale it.

Start in test mode Talk to us about design partnership

Questions

Latest from the blog

May 14, 2026

Why we built Replay before everything else

A note on building reliability infrastructure for AI agents.

Read