As soon as teams move from AI demos to AI operations, the problem changes.
The hard question is no longer whether an agent can call a model. It becomes:
- can this agent access this MCP server?
- should this run require human approval?
- what happens when the run exceeds policy boundaries?
- how do we know which tools were invoked?
- how do we create an audit trail when something risky is blocked?
Agent Runtime Control Tower models that missing layer.
It is a FastAPI backend that manages:
- agent registry
- MCP server inventory
- runtime policy checks (sketched in code after this list)
- approval workflows
- tool call traces
- incident creation for blocked or rejected runs
- runtime state capture in Redis-friendly form
- replay of previous runs to validate safer operational settings
The second iteration is no longer just a governance mock; it is designed to behave like an internal platform service:
- storage is configured via DATABASE_URL (wiring sketched below)
- the runtime state layer is compatible with Redis
- health output shows actual backend wiring
- replay endpoints make it easier to audit and validate past agent activity, as sketched below