Ask HN: How are you monitoring AI agents in production?

Posted by jairooh 2 days ago


With the recent incidents (DataTalks database wipe by Claude Code, Replit agent deleting data during code freeze), it's clear that running AI agents in production without observability is risky.

Common failure modes I've seen: no visibility into what the agent did step-by-step, surprise LLM bills from untracked token usage, risky outputs going undetected, and no audit trail for post-mortems.

I've been building AgentShield (https://useagentshield.com) — an observability SDK for AI agents. It does execution tracing, risk detection on outputs, cost tracking per agent/model, and human-in-the-loop approval for high-risk actions. Plugs into LangChain, CrewAI, and OpenAI Agents SDK with a 2-line integration.

Curious what others are using. Rolling your own monitoring? LangSmith? Langfuse? Or just hoping for the best?

Comments

Comment by zhangchen 15 hours ago

Langfuse + custom OTEL spans has been the most practical combo for us. The key insight was treating each agent step as a trace span with token counts and latency, then setting alerts on cost-per-task rather than raw token volume.

Comment by Horos 2 days ago

ACID & idempotent. Data plane / control plane. Dry runs and runbook automations.

The LLM does not act on production. It builds scripts, and you take the greatest care of these scripts.

Clone your customer data and run everything blank.

Just use the LLM tool as a dangerous tool: consider that it will fail each time it's able to.

Even with all these LLM-specific habitus, you still get a x100 productivity.

Because each of these pieces of advice can be implemented by LLMs, for LLMs, in many ways. It's almost free. Just plan it.

Comment by verdverm 2 days ago

OTEL & LGTM, the same stack I use for monitoring everything, on a technical level.

Some of the things you mention are more often addressed by guardrails. Some of the others (quality) require some evaluation for that measure, but results can go into the same monitoring stack.

Comment by RovaAI 14 hours ago

devonkelley's dashcam framing is right. The useful question isn't "how do I see what happened" - it's "how do I catch irreversible actions before they happen."

The failure modes from those incidents aren't really observability gaps. They're about permission scope and action reversibility. An agent deleting a database doesn't need better logging after the fact - it needs a clear model of what's reversible and what isn't, built into the execution loop.

What works: classify every action as either local/reversible (reads, file edits, drafts) or external/irreversible (sends, deletes, pushes, payments). The former runs autonomously. The latter gets a confirmation checkpoint with no exceptions. That one split eliminates most incident surface area without needing a dedicated SDK.

Langfuse/LangSmith are useful for cost tracking and debugging post-hoc. But they're tools for the team, not the agent. The reversibility model needs to be at the framework level.
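
Added example, not part of the thread and not code from any project named in it: a sketch of the reversible/irreversible split described in the comment above, placed in the tool-dispatch path so the checkpoint runs before the action does. The tool names, the `ActionGate` class and the `approve` callback are hypothetical; names in neither set are treated as needing confirmation.

```python
from dataclasses import dataclass, field
from typing import Any, Callable

# Hypothetical tool names. Reversible actions run autonomously;
# everything else must pass the confirmation checkpoint first.
REVERSIBLE = {"read_file", "edit_file", "draft_email"}
IRREVERSIBLE = {"send_email", "delete_rows", "git_push", "charge_card"}

class ApprovalDenied(Exception):
    """Raised when a non-reversible action is not confirmed."""

@dataclass
class ActionGate:
    tools: dict[str, Callable[..., Any]]
    approve: Callable[[str, dict], bool]  # human-in-the-loop callback (assumed)
    audit: list[dict] = field(default_factory=list)

    def classify(self, name: str) -> str:
        if name in REVERSIBLE:
            return "reversible"
        if name in IRREVERSIBLE:
            return "irreversible"
        return "unknown"  # unclassified tools fail closed, never run silently

    def call(self, name: str, **args: Any) -> Any:
        kind = self.classify(name)
        approved = kind == "reversible" or self.approve(name, args)
        # Record the decision before anything executes, so a post-mortem
        # sees blocked attempts as well as completed actions.
        self.audit.append({"tool": name, "args": args, "kind": kind, "approved": approved})
        if not approved:
            raise ApprovalDenied(f"{name} blocked pending confirmation")
        return self.tools[name](**args)

def demo() -> tuple[list, list[dict]]:
    rows = ["alice", "bob"]  # constructed stand-in for production data
    tools = {
        "read_file": lambda path: f"contents of {path}",
        "delete_rows": lambda table: rows.clear(),
    }
    gate = ActionGate(tools, approve=lambda name, args: False)  # reviewer declines
    gate.call("read_file", path="notes.txt")
    try:
        gate.call("delete_rows", table="customers")
    except ApprovalDenied:
        pass
    return rows, gate.audit
```
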

Comment by jamiemallers 10 hours ago

[dead]

Comment by al_borland 1 day ago

I can’t imagine giving an agent access to production.

Comment by zarathustra333 1 day ago

Braintrust is great!

Comment by jamiemallers 16 hours ago

[dead]

Comment by 0coCeo 1 day ago

[dead]

Comment by devonkelley 2 days ago

[flagged]