Kill Switch

Emergency agent shutdown at priority 999. Kill one agent or your entire fleet in a single call.

Emergency agent shutdown at priority 999 — the highest priority in the policy engine. When activated, it overrides every other policy rule. Kill one agent or your entire fleet in a single call.

How It Works

The kill switch injects a blocking policy rule at priority 999 into the governance instance. Since the policy engine evaluates rules in priority order (highest wins), this rule overrides everything else — including allow rules, approval rules, and custom policies.

When an agent is killed, its storage status is also updated to quarantined and a critical severity audit event is logged.

Setup

import { createGovernance } from 'governance-sdk';
import { createKillSwitch } from 'governance-sdk/kill-switch';

const gov = createGovernance({ rules: [...] });
const killSwitch = createKillSwitch(gov);

Kill a Single Agent

// Kill a single agent — blocks ALL actions immediately
const record = await killSwitch.kill(
  'rogue-agent-42',
  'Detected unauthorized data access in production',
  'security-team',  // optional: who initiated the kill
);

// record:
// {
//   agentId: "rogue-agent-42",
//   reason: "Detected unauthorized data access in production",
//   killedAt: "2026-03-10T14:30:00Z",
//   killedBy: "security-team",
//   storageSynced: true
// }

// Any subsequent enforce() call for this agent is blocked:
const decision = await gov.enforce({
  agentId: 'rogue-agent-42',
  action: 'tool_call',
  tool: 'anything',
});
// decision.blocked → true
// decision.reason  → "[KILL SWITCH] Detected unauthorized data access in production"

Kill All Agents

The fleet-wide kill switch blocks every enforce() call for every agent, regardless of agent ID.

// Kill ALL agents fleet-wide — nuclear option
const records = await killSwitch.killAll(
  'Security incident — all agents halted pending investigation',
  'incident-commander',
);

// Every registered agent is now quarantined.
// ALL enforce() calls return blocked, regardless of policy rules.

// Check fleet kill status
killSwitch.isFleetKilled();  // → true

// Check individual agent
killSwitch.isKilled('any-agent');  // → true (fleet kill covers all)

Warning: Fleet kill is the nuclear option. Every agent in the process is immediately halted. Use it only for genuine emergencies.

Revive Agents

After investigation, revive agents to restore normal operation. Reviving removes the kill switch rule and restores the agent status.

// Revive a single agent after investigation
await killSwitch.revive('rogue-agent-42', 'Investigation complete — cleared');

// Agent status restored to "approved"
// Kill switch policy rule removed
// Audit event logged: "agent_revived"

killSwitch.isKilled('rogue-agent-42');  // → false

// Revive all agents (deactivate fleet kill)
await killSwitch.reviveAll('Incident resolved — fleet operations resuming');

killSwitch.isFleetKilled();  // → false

Inspect Kill State

// Get all active kill records
const records = killSwitch.getKillRecords();
// [
//   { agentId: "rogue-agent-42", reason: "...", killedAt: "...", ... },
//   { agentId: "leaky-bot",      reason: "...", killedAt: "...", ... },
// ]

// Check if a specific agent is killed
killSwitch.isKilled('rogue-agent-42');  // → true

// Check if fleet-wide kill is active
killSwitch.isFleetKilled();  // → false

Use Cases

Runaway Agent

An agent enters a loop making hundreds of API calls per minute. Kill it instantly while you investigate the root cause.

killSwitch.kill(agentId, 'Runaway loop detected')

Security Incident

You detect a prompt injection attack or data exfiltration attempt. Kill the compromised agent and optionally the entire fleet.

killSwitch.killAll('Active security incident')

Compliance Emergency

An auditor discovers a policy violation. Halt all agents while you remediate and re-certify.

killSwitch.killAll('Compliance hold — pending re-certification')

Deployment Rollback

A new agent version is behaving unexpectedly in production. Kill it while you roll back.

killSwitch.kill(agentId, 'Bad deploy — rolling back to v2.3')

Cost Control

An agent is burning through your LLM token budget. Kill it before costs escalate further.

killSwitch.kill(agentId, 'Token budget exceeded')

Limitations

Warning: Process-local: The kill switch operates within a single process. If you run agents across multiple servers or containers, a kill in one process does not propagate to others. Use the Governance Cloud API for distributed kill switch across a fleet.

Warning: Storage sync is best-effort: If the agent doesn't exist in storage (e.g., never registered), the policy rule is still injected and blocks enforcement. The storageSynced field in the kill record indicates whether storage was updated.

Note: For production deployments spanning multiple processes, connect to Governance Cloud for a distributed kill switch backed by Redis pub/sub.