Build for the Hour After Failure

Build for the Hour After Failure

Stack Research
research engineering

Agent systems get designed for launch day. The first hour after failure is usually an afterthought.

At 4 a.m., the model isn’t your problem. The missing rollback plan is.

Teams spend serious time on prompting, tool wiring, and evaluation. Then one bad action in production reveals the gap: they built autonomy but not recovery.

When a person makes a mistake, there’s usually structure around it. A manager gets paged. A runbook gets followed. Context gets reconstructed. When an agent makes a mistake, recovery is improvised.

That’s a design failure.

The Missing Layer

Agent systems need a recovery layer — not another benchmark or confidence score, but dedicated machinery for making failures bounded, reversible, and useful.

What the Recovery Loop Looks Like

Every high-impact automated action should have five things attached:

  1. Freeze. Stop further mutations in the affected scope.
  2. Trace. Reconstruct exactly what happened — state changes, identity, sequence.
  3. Contain. Prevent the blast from spreading to other environments and workflows.
  4. Rollback. Execute a tested reversal with explicit safety checks.
  5. Harden. Turn the incident into a policy update and a regression test.

If any stage is missing, you don’t have recovery. You have hope.

What This Looks Like in Practice

This isn’t governance language. It’s runtime machinery:

  • Scoped kill switches. Per-tool, per-environment stop controls. Not one global panic button.
  • State journals. Immutable snapshots before and after every action, tied to action IDs.
  • Identity quarantine. Automatic credential suspension when behavior crosses a threshold.
  • Rollback broker. A service that stores and runs validated inverse operations.
  • Blast radius map. A dependency graph showing what’s still exposed.

These pieces usually exist somewhere, scattered across separate systems. The problem is they aren’t wired together. Recovery fails when these controls don’t run as one workflow.

Where to Start

Pick your top ten irreversible actions. Then:

  1. Attach a freeze rule and rollback path to each one.
  2. Require state snapshots before execution.
  3. Block cross-environment credential reuse in automated workflows.
  4. Run monthly failure drills for agent-triggered incidents.

Do this for one quarter and track two numbers: time to containment and percent of incidents with successful rollback. If they don’t improve, your autonomy is outrunning your operations.

The Point

Agent systems will keep getting better at acting. The difference will be how well teams handle the hour after those actions go wrong.

Build for that hour.