What are the best practices for AI agent kill switch design?

Answer

Five principles:

1. Speed — propagation from trigger to full halt must complete in under 100 milliseconds. Use Redis pub/sub, not database polling.
2. Scope — support both individual agent kills and org-wide emergency kill-all switches.
3. Graceful degradation — agents must handle mid-action termination safely (rollback transactions, release locks, notify dependents).
4. Authorization — kill switches should require appropriate role-level authorization but never be blocked by the agent itself.
5. Audit — every kill switch activation must be logged with who triggered it, why, and what state the agent was in. Test kill switches regularly in production — an untested emergency control is no control at all.