Containment Strategies

Containment stops the bleeding. For agent systems, containment is not just stopping the broken service — it is stopping the broken agent from taking more actions, delivering more output, and influencing more downstream processes. The containment strategy depends on the incident type.

Agent pause: halt the affected agent immediately. No new tasks, no output delivery, no autonomous decisions. Use when the agent is producing bad output or making wrong decisions. Output quarantine: the agent continues processing but all output is held in a quarantine queue for human review before delivery. Use when you suspect quality degradation but are not certain. Scope restriction: reduce the agent's operating authority — disable self-modification, disable autonomous actions, require human approval for all decisions. Use when the agent's decision-making is compromised but its output is still needed. Network isolation: disconnect the agent from other agents and external systems. Use when there is risk of contaminated output spreading to downstream systems.

1. 1. Choose Containment Level Agent pause for confirmed incidents (SEV-1, SEV-2). Output quarantine for suspected incidents (SEV-3). Scope restriction for decision failures. Network isolation for data contamination. Choose based on incident type and severity.
2. 2. Execute Within SLA SEV-1: containment within 5 minutes. SEV-2: within 30 minutes. SEV-3: within 4 hours. The containment SLA is the maximum acceptable detection gap extension.
3. 3. Verify Containment After executing containment, verify it is effective: the agent is no longer producing output, the quarantine is holding deliveries, the scope restriction is enforced. Containment that is not verified is assumed ineffective.