Newsletter · Issue #01 · 5 min read
How long your kill switch actually takes to kill
This is the first public issue of the Keybrake newsletter, archived here for anyone who wants the back-issues. Future issues go out to the waitlist on the same day they're posted to /newsletter/.
A quick one. Before the build log, a finding from the research that went into one of this month's posts — because it's the kind of number that makes you quietly rewrite your on-call runbook.
The revoke button is slower than you think
Everyone running agents against Stripe, Twilio, Resend, or OpenAI has the same mental model of the emergency stop. Agent misbehaves, I open the vendor dashboard, click Delete API key, bleeding stops.
We measured it on staging keys against each of the four. The bleeding does not stop when you click the button. It stops somewhere between five seconds and five minutes later, and the where-in-that-range depends on the vendor.
| Vendor | Median rotate latency | p95 tail | Calls leaked during p95 tail (1 call per 400 ms) |
|---|---|---|---|
| Stripe | ~45s | ~3m12s | ~480 |
| Twilio | ~30s | ~2m | ~300 |
| OpenAI | ~1m | ~5m (longer for org keys) | ~750 |
| Resend | near-instant | ~5s | ~12 |
If your stuck agent is doing one call every 400 ms, a three-minute Stripe propagation tail is about 480 more charges after the moment you thought you'd stopped it. Each of them a real charge against a real card with a real refund obligation when Monday's complaints arrive.
The four kill-switch patterns we compared — network block, credential rotate, scoped-key revoke, circuit-breaker flag — each fail in a different place. Full stop-latency table plus when each one is the right answer is on the kill-switch reference page. The 2am incident playbook spelling out what to do during a leak — Path A if you have a vault key in front of the vendor, Path B if you don't — is the long-form post Rotate vs revoke.
The fifth option — really a combination — collapses that tail from minutes to sub-second. Sit a proxy between the agent and the vendor; "revoke" becomes a policy change on the proxy, enforced on the next packet. That's the thing we're building.
What shipped this month
A lot, because the landing page is now a full little site. Three weeks since launch, we have the writing surface in front of the proxy itself — the bet being that the readers worth converting want to see how we think about the problem before they trust us with a vault key.
- Agent blowout calculator — interactive embeddable widget. Pick a vendor, drag the calls-per-minute slider, watch the 24-hour no-cap number climb. 60 Stripe charges/min with no cap is $1.3M/day; same traffic under a $50 daily cap is $50 and an alert. Two-line embed, paste-anywhere license, ~8 KB. keybrake.com/tools/blowout-calculator
- Four long-form posts. How to give an AI agent a Stripe API key (the five controls every team needs); The 2026 agent governance stack (the four-layer decomposition: LLM traffic, LLM observability, SaaS API governance, agent identity); The anatomy of an AI agent audit trail (sixteen columns, six indexes, five operational queries); and the kill-switch playbook linked above. ~10,000 words total.
- Six competitor comparison pages — honest LiteLLM, Portkey, and Helicone alternative-and-vs pages. Each ends with the section every buyer actually wants: "here's when the competitor is the right answer." Short version: we're complementary to all three. /compare/
- Fourteen reference pages under /seo/ — Stripe Restricted Keys practical guides (six pages forming the cluster), MCP credential-auth coverage including Stripe Agent Toolkit, the LiteLLM-positioning trio, the AI-agent-payment-gateway category map, the audit-trail and kill-switch references, and the three-axis cost-management decomposition. Full URL list.
Sitemap and llms.txt fully wired. If Bing, Yandex, Naver, GPTBot, ClaudeBot, or any of the new search-LLM crawlers want any of it, they know where to look — last week's Caddy logs caught GoogleOther, Applebot, and OAI-SearchBot for the first time, alongside ClaudeBot 22× growth and a Yandex bump that traced cleanly to the IndexNow direct-engine pings.
One idea you could steal
If you've built anything that an autonomous agent calls with an API key, take one minute this week and answer two questions:
- If this agent gets stuck in a loop at 3am, what's the damage at 7am?
- When I click the emergency-stop, what does that actually stop — and in how long?
The blowout calculator answers question one in about ten seconds for the four vendors we've measured. The kill-switch page answers question two with measured numbers. Both are free, no signup. If question one's answer is in the high four figures or above, and question two's answer is "minutes," the gap between them is the thing Keybrake exists to close.
What's next
The proxy itself — the Stripe / Twilio / Resend enforcement loop, the audit log, the vault-key dashboard. Next month's issue will have the first working Stripe-charge proxy demo: a real charges.create call going out through proxy.keybrake.com with a $50/day cap, an endpoint allowlist of charges.create only, and a parsed-cost row in the audit table for every call. If you want the beta key when v1 lands, the waitlist on the home page is the only place to put your email.
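To make the proxy-side revoke, the $50/day cap, the charges.create allowlist and the per-call audit row concrete, here is an added Python example; it is not Keybrake's code. `ProxyPolicy`, `authorize`, `vendor_side_leak`, `replay_stuck_agent` and the audit-row layout are hypothetical names, the traffic is constructed, and the cap's daily reset is left out.

```python
from dataclasses import dataclass, field

@dataclass
class ProxyPolicy:
    """Hypothetical per-key policy held by the proxy (all names are assumptions)."""
    allowed_endpoints: frozenset = frozenset({"charges.create"})
    daily_cap_cents: int = 5_000      # the $50/day cap; daily reset not modelled
    revoked: bool = False             # kill switch: a policy flag, not a vendor key
    spent_cents: int = 0
    audit: list = field(default_factory=list)

    def authorize(self, ts_ms, endpoint, amount_cents):
        """Decide one call before forwarding; every decision gets an audit row."""
        if self.revoked:
            decision = "deny:revoked"
        elif endpoint not in self.allowed_endpoints:
            decision = "deny:endpoint"
        elif self.spent_cents + amount_cents > self.daily_cap_cents:
            decision = "deny:cap"
        else:
            decision = "allow"
            self.spent_cents += amount_cents
        self.audit.append((ts_ms, endpoint, amount_cents, decision))
        return decision == "allow"

def vendor_side_leak(interval_ms, tail_ms):
    """Calls that still succeed while a vendor-side revoke propagates."""
    return len(range(0, tail_ms, interval_ms))

def replay_stuck_agent(policy, interval_ms, revoke_at_ms, end_ms, amount_cents):
    """Constructed loop: one charges.create per interval; revoke flips at revoke_at_ms.
    Returns how many calls were forwarded at or after the revoke."""
    leaked = 0
    for ts in range(0, end_ms, interval_ms):
        if ts >= revoke_at_ms:
            policy.revoked = True
        if policy.authorize(ts, "charges.create", amount_cents) and ts >= revoke_at_ms:
            leaked += 1
    return leaked

if __name__ == "__main__":
    tail_ms = 192_000                 # Stripe p95 tail from the table (~3m12s)
    policy = ProxyPolicy()
    leaked = replay_stuck_agent(policy, 400, 4_000, 4_000 + tail_ms, 100)
    denied = sum(1 for row in policy.audit if row[3] == "deny:revoked")
    print(vendor_side_leak(400, tail_ms), leaked, denied)
```

The 480 calls that a vendor-side revoke would let through during the tail show up here as 480 `deny:revoked` audit rows, which is also the evidence an incident review needs.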
Free for six months for the first ten teams that point a real agent at the proxy. We mean real — a script that occasionally fires charges.create with a fake amount doesn't count, and we'll be checking the audit log. The point of this product is to govern actual money-moving traffic, and the only way we know if it's working is whether it catches a real loop in the wild.
— The Keybrake build log
Get future issues + the v1 beta key
One newsletter every three to four weeks. Build-log shape — what we shipped, what we measured, one idea you could steal. Same waitlist that gets the beta key when v1 ships.