SafeRun blocks agent loops, enables replay

SafeRun introduced an inline reliability layer for AI agents on May 15, saying the product validates tool calls before execution, breaks execution loops and records runs for replay debugging. The launch was published in a DEV post under the SafeRun account and mirrored on Forem. The company said the layer is aimed at production agents that take real actions, including moving money, modifying records and contacting customers. It said the product can be deployed as managed software-as-a-service or self-hosted in a customer’s virtual private cloud. ### What exactly did SafeRun say it launched on May 15? The May 15 post described SafeRun as “an inline reliability layer for AI agents” that sits before tool execution rather than after the fact in logs. SafeRun said the product performs inline policy evaluation, loop and cost circuit breaking, human approval routing and frame-by-frame replay debugging. (dev.to) The company said teams can validate every tool call against declarative policies before execution, stop runaway loops, escalate ambiguous actions to a Slack approval queue and replay agent decisions when something breaks. The post framed that as a runtime control layer for agents already operating in production systems. (dev.to) ### How is this different from standard observability tooling? The launch post said traditional observability tools “tell you what happened after the agent acted,” and argued that post-event logging is too late for some production failures. SafeRun said its software is designed to sit inline and prevent a bad action before execution rather than only recording it afterward. (dev.to) That distinction is central to the company’s pitch. The examples in the post included a refund clearing, a record being deleted and an email being sent repeatedly before an operator reads the log, which SafeRun used to argue for pre-execution enforcement. ### What technical controls did the company actually name? (dev.to) SafeRun said the product offers policy checks before each tool call, circuit breakers for loops and cost overruns, and replay hooks that let teams inspect agent behavior frame by frame after a failure. The company did not publish benchmark data, pricing or customer names in the launch materials reviewed. (dev.to) The post also said the product supports human-in-the-loop approvals through Slack. That places it in the category of agent runtime controls that combine automated blocking with manual review for uncertain or higher-risk actions. ### Which agent frameworks did SafeRun say it works with? SafeRun said developers can add the layer with a Python or TypeScript decorator that wraps tool execution in three lines of code. (dev.to) The company named LangGraph, OpenAI Agents SDK, Anthropic Claude Agent SDK, Vercel AI SDK, CrewAI and Mastra as native integrations. It also said teams can place the layer at the Model Context Protocol, or MCP, layer for framework-agnostic coverage. The launch materials did not include code samples beyond that description in the snippets available through search results. The company’s own wording presented the product as developer infrastructure rather than an observability dashboard. ### Who is behind the launch, and what is public so far? (dev.to) The public launch reviewed here was posted under the SafeRun account on DEV on May 15 and appears on a Forem profile created on May 14. The profile description says SafeRun “stops bad AI agent actions before they hit prod” and repeats the themes of validation, blocking and replay debugging. The materials available through public search did not independently verify the “Tidianez” name referenced in the prompt, and the linked company site was not accessible through web retrieval during reporting. (dev.to) Because that entity could not be confirmed from reachable primary materials, this article attributes the launch to the SafeRun account and its published launch post. (dev.to) ### What comes next for users who want access? SafeRun said on May 15 that it is “opening up early access soon” and invited interested users to respond in comments or direct messages. The public launch post also pointed readers to saferun.dev, while the product positioning on DEV and Forem remained focused on production controls for agent tool use. (dev.to)