What happens when your AI agent tries to send a payment, the network times out, and the agent retries? You get charged twice. SafeAgent is a new open-source Python library designed to prevent exactly that.
The Retry Problem
AI agents built on frameworks like OpenAI's tool calling, LangChain, or CrewAI often retry failed operations automatically. That's fine for reading data, but dangerous for irreversible actions: sending emails, processing payments, creating support tickets, or executing trades. Most teams solve this by scattering idempotency keys (unique identifiers that tell a system "you already did this, don't do it again") across individual services. SafeAgent centralizes that logic in one place.
How It Works
Every tool execution gets a unique request_id. SafeAgent records the result the first time the function runs. If the same request_id comes through again, it returns the cached result without re-executing. Under the hood, it uses a deterministic state machine with transitions from OPEN through SETTLED, with a reconciliation step for ambiguous signals. State is persisted in SQLite, so it survives process restarts.
The API is minimal:
from safeagent_exec_guard import SettlementRequestRegistry
registry = SettlementRequestRegistry()
receipt = registry.execute(
request_id="pay_abc123",
action="charge_card",
payload={"amount": 49.99},
execute_fn=charge_customer
)
Call that twice with the same request_id and the customer only gets charged once.
SafeAgent ships with integration examples for OpenAI, LangChain, and CrewAI. It requires Python 3.10+ and is available on PyPI as safeagent-exec-guard under the Apache-2.0 license. For anyone building agent workflows that touch real money or send real messages, this fills a gap that the major frameworks haven't addressed yet.