DAILY NEWS

Stay Ahead, Stay Informed – Every Day

Advertisement
Gartner Says 40% of AI Agents Will Be Decommissioned by 2027. The Kill Switch Is Why.



Gartner predicts that by 2027, 40% of enterprises will demote or decommission autonomous AI agents due to governance gaps identified only after production incidents occur.

The instinct when something goes wrong: kill it. Revoke access. Freeze the wallet. Shut it down.

Cerbos published the counter-argument that CISOs are now adopting: “Allow or revoke. Deploy or kill. That works in a lab. It does not work in a hospital, a bank, a payments network, or any environment where the agent is doing something a human used to do, and stopping it instantly creates a different incident than the one you were trying to prevent.”

The kill switch creates a second incident. The industry needs a dimmer switch.

Why Binary Stop Creates Cascading Failure

An AI agent processing payments is not a standalone program. It is embedded in a workflow. Other agents depend on its outputs. Downstream systems expect its responses. Customers are mid-transaction.

# What happens when you kill an agent mid-workflow:

# Agent: procurement_bot (handles vendor payments)
# Status: anomaly detected (unusual vendor, high amount)
# Instinct: KILL IT

kill_switch_consequences = {
“in_flight_transactions”: 12, # Now orphaned
“downstream_agents_waiting”: 3, # Will timeout and retry
“vendor_expectations”: 4, # Payments promised, never delivered
“reconciliation_gap”: “$14,200”, # Money left in limbo
“sla_violations”: 2, # Customer-facing deadlines missed
“recovery_time”: “4-8 hours”, # Manual intervention required
“second_incident_severity”: “P2” # The kill caused its own incident
}

# The kill switch “solved” a suspicious $800 transaction
# But created $14,200 in orphaned transactions + 2 SLA violations
# Net result: worse than the original anomaly

Enter fullscreen mode

Exit fullscreen mode

mintmcp documented the gap: “Most organizations can monitor what their AI agents are doing but the majority cannot stop them when something goes wrong.” The organizations that CAN stop them discover that stopping creates its own damage.

The Dimmer Switch Pattern

Instead of binary on/off, production agent governance needs graduated response:

from rosud_pay import Governance, DimmerSwitch

# Production-grade agent control (not binary kill):
governance = Governance.configure(
agent=”procurement_bot”,
control=DimmerSwitch(
# Level 5: Full autonomy (normal operation)
level_5={
“daily_limit”: 5000,
“per_tx_max”: 1000,
“categories”: “all_authorized”,
“approval_required”: False
},

# Level 4: Reduced autonomy (first sign of anomaly)
level_4={
“daily_limit”: 2000, # Reduced
“per_tx_max”: 500, # Reduced
“categories”: “existing_vendors_only”,
“approval_required”: False,
“trigger”: “anomaly_score > 0.3”
},

# Level 3: Supervised (confirmed anomaly)
level_3={
“daily_limit”: 500,
“per_tx_max”: 100,
“categories”: “pre_approved_list”,
“approval_required”: “above_50”, # Human approves > $50
“trigger”: “anomaly_score > 0.6”
},

# Level 2: Restricted (investigation active)
level_2={
“daily_limit”: 0, # No new spending
“existing_commitments”: “honor”, # Finish in-flight
“approval_required”: “all”,
“trigger”: “security_team_escalation”
},

# Level 1: Frozen (confirmed breach)
level_1={
“all_transactions”: “blocked”,
“in_flight”: “graceful_complete_or_refund”,
“notification”: “all_downstream_agents”,
“trigger”: “confirmed_compromise”
}
)
)

# Result: anomaly detected → Level 5 to Level 4 in 50ms
# No orphaned transactions. No SLA violations. No second incident.
# Investigation proceeds while agent continues at reduced capacity.
# If confirmed malicious: gradual freeze, not instant kill.

Enter fullscreen mode

Exit fullscreen mode

The 40% Decommission Problem

Gartner’s 40% prediction is not about agent capability. It is about governance response. When the only response to a production incident is “turn it off,” organizations conclude the agent is too risky to operate.

builtin documented the pattern: enterprises now treat AI agents as first-class identities requiring JIT (just-in-time) access and instant kill switches. But the kill switch alone is insufficient. What they actually need:

# What enterprises discover after decommissioning agents:

decommission_reasons = {
“governance_gap_discovered_after_incident”: 0.65, # 65%
“no_graduated_response_available”: 0.52, # 52%
“kill_switch_caused_secondary_damage”: 0.38, # 38%
“could_not_prove_agent_was_safe_to_restart”: 0.44, # 44%
“audit_trail_insufficient_for_root_cause”: 0.41 # 41%
}

# The path from “decommission” to “keep running safely”:
from rosud_pay import AgentLifecycle

lifecycle = AgentLifecycle.configure(
agent=”procurement_bot”,
governance={
# Graduated response (not binary)
“response_levels”: 5,
“auto_escalation”: True,
“auto_de_escalation”: True, # Return to normal after resolution

# Prove safety for restart
“restart_criteria”: {
“root_cause_identified”: True,
“fix_deployed”: True,
“governance_gap_closed”: True,
“audit_trail_complete”: True
},

# Continuous governance (not point-in-time)
“monitoring”: “real_time”,
“anomaly_detection”: “behavioral_baseline”,
“budget_enforcement”: “per_transaction”,

# The key differentiator: DIMMER, not SWITCH
“on_anomaly”: “reduce_autonomy”, # Not “kill”
“on_resolution”: “restore_autonomy” # Automated recovery
}
)

Enter fullscreen mode

Exit fullscreen mode

The Business Case for Graduated Control

lumenova documented the shift: AI governance maturity is now treated like a credit rating. Institutional clients demand proof of model lineage, hallucination rates, and governance capabilities before granting mandates.

The organizations that decommission agents lose the investment. The organizations with graduated control keep agents running safely through incidents:

Incident detected: reduce autonomy (not kill)
Investigation proceeds: agent continues at restricted level
Root cause found: fix deployed, autonomy restored
No second incident. No orphaned transactions. No SLA violations.
Agent stays in production. Investment preserved.

The Bottom Line

The kill switch is the reason 40% of agents will be decommissioned. Not because agents are dangerous. Because the only response to danger is destruction. That is not governance. That is giving up.

rosud-pay provides the dimmer switch for agent spending. Five levels of graduated response. Automatic escalation on anomaly detection. Automatic de-escalation on resolution. In-flight transaction protection. Zero orphaned payments. Zero secondary incidents.

Keep your agents running safely through incidents. Do not kill them and call it governance.

Implement graduated agent control: rosud.com/docs



Source link

Building a Multi-Vendor Marketplace From Scratch: Lessons From 30,000 Lines of React


By Faiz Ullah — Full-Stack Developer & Founder of DG Technology

Most “build an e-commerce site” tutorials stop at a product list and a cart. They don’t deal with the actual hard part: three different types of humans — customers, sellers, and admins — all needing their own secure space inside the same app, talking to each other in real time, without ever stepping on each other’s data.

That’s what I set out to build with Ecommerce, a multi-vendor marketplace that grew to over 30,000 lines of React. Here’s what I learned engineering it.

The Real Challenge: Three Apps in One

A single-vendor store is one application. A multi-vendor marketplace is really three applications sharing a database:

Customers browse, buy, and chat with sellers

Sellers manage their own storefront, fulfill orders, and request payouts

Admins oversee everyone — approving sellers, resolving disputes, releasing payouts

The temptation is to bolt all three onto one App.js with a bunch of if (userType === ‘admin’) checks scattered everywhere. That gets unmanageable fast. Instead, I built three fully independent authentication systems, each with its own protected route guard:

Route element={ProtectedCustomerRoute />}>…Route>
Route element={ProtectedSellerRoute />}>…Route>
Route element={ProtectedAdminRoute />}>…Route>

Enter fullscreen mode

Exit fullscreen mode

Each guard checks its own session state independently. A seller session can never accidentally leak into the admin view, even if someone tries to manipulate the URL directly.

Real-Time Chat Without a Custom Server

I wanted buyers and sellers to message each other live — no page refresh, no polling. Rather than standing up a WebSocket server, I leaned on Firestore’s real-time listeners, which turned out to be the right call for a project this size:

onSnapshot(query(messagesRef, orderBy(‘timestamp’)), (snapshot) => {
// UI updates instantly as new messages arrive
});

Enter fullscreen mode

Exit fullscreen mode

This single pattern powers chat, unread-message counts, and live presence — all without me managing a single socket connection.

The Presence Problem

Showing whether a seller is “online” sounds trivial until you actually build it. A simple isOnline: true flag breaks the moment someone closes their laptop without logging out — they stay “online” forever.

The fix is a heartbeat pattern: the seller’s client writes a lastSeen timestamp every few seconds while the tab is active, and stops the moment the tab closes or loses visibility:

document.addEventListener(‘visibilitychange’, () => {
if (document.hidden) stopHeartbeat();
else startHeartbeat();
});

Enter fullscreen mode

Exit fullscreen mode

Anyone viewing the seller’s profile just checks: was the last heartbeat recent? No server-side cron job needed, no stale “online” ghosts.

Media at Scale: Don’t Make Your Database Hold Images

Early on I made the rookie mistake of storing image data directly. That doesn’t scale — Firestore documents have size limits, and serving large base64 blobs kills load times.

The fix was routing all uploads through Cloudinary, using unsigned upload presets so the API secret never has to live in client-side code:

formData.append(‘upload_preset’, cloudinaryConfig.uploadPreset);
const res = await fetch(`https://api.cloudinary.com/v1_1/${cloudName}/upload`, {
method: ‘POST’, body: formData
});

Enter fullscreen mode

Exit fullscreen mode

Cloudinary then handles resizing, format conversion, and CDN delivery — the database only ever stores a URL.

The Payout Problem Nobody Talks About

Letting sellers earn money is the easy half. Letting them withdraw it safely is the half that actually matters. I built a dedicated WithdrawalRequestsManager so that:

A seller requests a withdrawal
The request enters a pending queue — funds are not released automatically
An admin reviews and approves it manually before money moves

This manual checkpoint is deliberate. Automating payouts sounds efficient until the first fraud attempt — a human review step at the money boundary is the cheapest fraud prevention you can build.

What I’d Tell Someone Building Their First Marketplace

Separate your three user types from day one. Retrofitting role isolation onto a single auth system later is painful.

Use your database’s real-time features before reaching for a custom server. Firestore’s listeners replaced what would have been a whole separate real-time service.

Never store binary media where structured data lives. Offload it to dedicated media infrastructure immediately.
Put a human checkpoint wherever money actually leaves the system.

The Stack

Layer
Technology

Frontend
React, React Router

UI
Material UI (MUI)

Database
Firebase Firestore

Auth
Firebase Authentication

Realtime DB
Firebase Realtime Database (presence)

Media
Cloudinary

Faiz UllahFull-Stack Developer · Founder of DG Technology🌐 faizullah.pk · 💻 github.com/faizullahpk/multivendor-marketplace

If you’re building something with multiple user roles and real-time data, I’d love to hear about it — follow along for more on shipping real-world full-stack systems.



Source link

Most Repos Look Fine. Until They Don’t.



You’ve been there.

You clone a repo. The README looks solid. There’s a Dockerfile. Maybe a docker-compose.yml. Everything appears set up.

Then you spend the next three hours chasing a missing config variable, an outdated base image, or a local development assumption that only makes sense if you’ve worked on the project for six months.

No one documents these things properly. They live in team memory, Slack threads, and that one engineer who “just knows.”

That’s the kind of engineering pain nobody tracks, and everybody absorbs.

The Hidden Tax on Every Team

Let’s be honest about what’s really happening.

Most engineering teams have gotten good at the visible stuff: code reviews, test coverage, deployment pipelines. But there’s a layer below all of that, repository readiness, that almost nobody validates with the same rigor.

Can a new developer clone this repo and actually run it?Does the Docker setup reflect how the project actually works today?Has the repo drifted from the workflow the team thinks it has?Is there tribal knowledge baked into the setup that stays invisible until something breaks?

These aren’t dramatic problems. That’s exactly why they survive so long.

The cost doesn’t show up in a postmortem. It shows up as:

onboarding that takes days instead of hours
“works on my machine” becoming a running joke
CI failures no one can explain right away
setup bugs being rediscovered by every new hire

None of that gets assigned a ticket. It just quietly eats time.

Why I Built dockgate

I got tired of watching this happen.

Not just to me, but to every developer stuck in the gap between “the repo exists” and “the repo actually works.” That gap has a real cost, and most of it is preventable.

So I built dockgate, a CLI that sits squarely in that gap and does one thing well:

It tells you whether a repository is actually ready to run, maintain, and trust.

Not whether the code is clean.Not whether the tests pass.Whether the operational layer, the Docker setup, project conventions, and environment assumptions, reflects reality.

What dockgate Actually Does

1. It detects what kind of project it’s dealing with

A Node.js repo, a Python repo, and a multi-service project should not be evaluated against identical expectations. dockgate starts with project detection so its checks stay relevant instead of noisy.

2. It uses a rules engine, not guesswork

This is where the tool stops being a script and starts becoming infrastructure.

Instead of scanning for random files and printing generic advice, dockgate uses a structured rule catalog. That makes evaluations more consistent, repeatable, and extensible.

You can use it for:

onboarding triage
repository audits
drift detection over time
validating Docker setup before handoff

Rules evolve as standards evolve. That’s where the leverage comes from.

3. It doesn’t just diagnose, it points forward

A lot of tools are good at listing what’s wrong. Fewer are designed to help you move toward a better state.

dockgate includes setup-oriented workflows so it can be part of actual remediation, not just diagnosis.

4. It fits how developers already work

It’s a CLI. It runs in the terminal. It works with hooks, audit scripts, and existing shell workflows.

That matters.

Good developer tools don’t ask people to change how they work just to get value.

What Makes It Different

There’s no shortage of linting tools, repo templates, and CI validators out there.

But dockgate focuses on something most of them skip: the setup layer. More specifically, the distance between “this repo exists” and “this repo is actually ready.”

That difference shows up in:

Docker support that works on paper but breaks in practice
README instructions that were accurate six months ago
environment assumptions only one team member still understands
local setups that quietly diverge from production

When the setup layer is unclear, the team pays for it every time someone new joins, every time a CI assumption breaks, and every time somebody has to reverse-engineer how the project is supposed to run.

dockgate makes that invisible layer visible.

On Shipping It Like a Real Tool

One thing I felt strongly about from the start was this:

there’s a huge graveyard of useful scripts that never became useful tools because they never crossed the gap between “works on my machine” and “someone else can install and trust this.”

I wanted dockgate to cross that gap deliberately.

That meant doing the less glamorous work too:

npm package support
PyPI wrapper support for Python environments
a changelog
a release checklist
a proper license
regression fixtures
a GitHub Actions publishing workflow

It also meant treating mixed-language teams as real users. dockgate is fundamentally an npm package, but developer teams rarely live in a single ecosystem. A PyPI wrapper lowers friction, and in developer tooling, accessibility often decides whether something gets tried at all.

The Lesson I Didn’t Expect

Building this reinforced something I keep coming back to:

some of the highest-value engineering work lives in problems people dismiss as small.

Setup friction looks small.Repository drift looks small.Docker inconsistency looks small.

Until it’s slowing down every sprint and nobody can fully explain why.

That’s the thing about infrastructure drag: it rarely announces itself. It accumulates. And it is always cheaper to catch early.

What’s Next

Right now, dockgate focuses on repository readiness and Docker validation. But the direction is bigger than that.

I can see it growing into:

stronger standards-driven validation
better drift detection over time
richer project profiles and baselines
more actionable remediation workflows

The foundation is rules-driven and extensible, which means it can grow with the teams that use it.

One Last Thought

A repository is not just a folder of code.

It’s an operational interface for every developer who touches it. When that interface is confusing, fragile, or full of hidden assumptions, the team pays for it whether they acknowledge it or not.

“It looks fine” is one of the most expensive things a repository can say.

dockgate is built to stop teams from taking that at face value.

Try dockgate on npm



Source link