AgentGuard: governance for AI agent payments

AgentGuard is the governance layer for autonomous AI agent payments. In 2026, every AI agent will handle money. The two existing options : give the agent wallet keys and one prompt injection drains the treasury; put a human in the loop on every payment and you've killed the autonomy. AgentGuard is the third option - a thin policy, audit layer that sits between the agent and the rail. How it works. Operators write a YAML policy: spending caps, allowlists, approval rules, intent-verification sensitivity, kill-switch authorization. AI agents built on the Claude Agent SDK, LangChain, AutoGen, or anything else — call guard.pay() instead of Circle directly. AgentGuard intercepts the call and runs five governance layers in sequence: kill switch → ERC-8004 identity → policy → anomaly detection → Claude Haiku 4.5 intent classifier. Only approved requests are forwarded to Circle Developer-Controlled Wallets for settlement on Arc Testnet. Both approvals and blocks write an on-chain audit receipt as a USDC nanopayment. Three lines of SDK code on the agent's side; one YAML file + a live operator dashboard on the operator's side. Why this only works on Circle. Per-decision audit logging is the entire premise of safety infrastructure for AI agents. At 5M decisions/day, Stripe events cost $1.5M/day, L2 gas ~$50K/day, Solana ~$1K/day. Circle Nanopayments settling on Arc: $0/day. Gateway batches authorizations into one Arc tx, USDC is the native gas, sub-second finality lets us run the audit synchronously inside the agent's request cycle. AgentGuard isn't a product that uses Circle — it's a product that requires Circle. What's live today. Operator dashboard at agentguard-kappa.vercel.app. Self-hostable API on Railway with real Circle settlement. Python SDK on PyPI: pip install agentguard-protocol (v0.1.1, MIT). Open-source repo at github.com/vikramRooT/agentguard. every audit receipt clickable from the dashboard, verifiable on the public block explorer at testnet.arcscan.app.