Fleet 1.13:Teams are now shipping 5x more PRs with autonomous pipelines.See what's new →
FleetFleet
Glossary

Agent Quarantine

Agent quarantine is the practice of automatically suspending an AI agent from active work when its behavior exceeds a risk threshold, isolating it from further actions until a human investigates and explicitly re-enables it.

Quarantine is a risk containment mechanism. An agent that is modifying security-critical files, consuming tokens at an anomalous rate, opening an unusual number of pull requests in a short window, or repeatedly failing the same task is exhibiting patterns that warrant investigation before further execution.

The quarantine mechanism should be automatic — triggered by threshold breaches without waiting for a human to notice — and the threshold configuration should be explicit and auditable. 'The agent was quarantined because its risk score exceeded 0.8 due to modifications to auth/middleware.go and payments/stripe.go' is actionable; 'the agent was stopped' is not.

Quarantine is distinct from simply stopping an agent. A stopped agent can be restarted without review. A quarantined agent requires an explicit human decision to re-enable, creating an intervention point where the human reviews what triggered quarantine and whether the underlying cause has been addressed.

How this relates to Fleet

Fleet's brain daemon continuously computes a risk score for each active agent using a logistic regression model over operational signals — error rate, restart count, blocked-task count, silent hours, uptime, evaluation score, and SLA compliance. When the risk level reaches critical, the agent is automatically quarantined. The fleet brain insights command surfaces the quarantine trigger details for human review.

Frequently asked questions

How long should an agent remain in quarantine?

Until a human reviews the trigger event and makes an explicit decision. Automatic time-based quarantine release (the agent comes back after an hour) defeats the purpose — if the underlying risk condition has not been addressed, the agent will behave the same way again. The review should result in either re-enabling the agent, modifying its configuration to reduce future risk, or permanently stopping it.

What actions should trigger automatic quarantine?

Common triggers: risk score above a threshold, token consumption rate exceeding 3x the agent's normal baseline, modifications to security-sensitive file paths (auth, payments, secrets management), repeated identical failures suggesting a stuck loop, and any attempt to access resources outside the agent's configured scope.

Related terms

Agent Risk ScoringAI Agent GovernanceAgent ObservabilityApproval Gate

Run your first agent fleet

One binary. Five minutes. See every agent, coordinate every handoff, and keep a full audit trail of what your fleet did.

See how it worksInstall Fleet
← Back to the AI agent glossary