Documentation Index
Fetch the complete documentation index at: https://gump.build/docs/llms.txt
Use this file to discover all available pages before exploring further.
Guards
Guards are live circuit breakers that monitor an agent during execution. While gates check after a step finishes, guards watch in real-time and kill the agent immediately if a condition is met.Declaring guards
Available guards
| Guard | Description |
|---|---|
max_turns | Kill if turns exceed a threshold |
max_budget | Kill if estimated cost exceeds a dollar amount |
max_tokens | Kill if tokens consumed exceed a threshold |
max_time | Kill if wall-clock duration exceeds a threshold. Alias: timeout |
no_write | Kill if the agent writes files outside .gump/out/ |
no_write is implicitly true for split and validate step types. Override with guard: { no_write: false } if needed.
timeout is an alias for max_time — if both are present, it’s a parsing error.
What happens when a guard triggers
- The agent is killed immediately
- The worktree is reset to the pre-step state (mutations undone)
- Partial metrics are collected (tokens spent, cost so far, turns completed)
- The gate runs (it will fail)
- Retry applies — same flow as a gate failure
guard_triggered event is emitted in the ledger with the guard name, reason, and partial metrics.
Guards are reactive, not preventive
Guards react to agent behavior by parsing the NDJSON stream. There’s a small delay between the agent acting and the guard detecting it. File writes are caught and reverted via worktree reset. Network calls or other side effects outside the worktree cannot be undone.Guards vs Gates
| Gates | Guards | |
|---|---|---|
| When | After the step finishes | During execution |
| What | Compile, test, lint, schema, validators | Turn count, cost, tokens, time, file writes |
| Mechanism | Shell commands, file checks, agent workflows | Stream parsing, process kill |
| On failure | Retry applies | Retry applies (via gate fail) |
| LLM involved | Only for workflow validators | Never |