Every AI agent framework gives you the same deal: here's a task queue, here's a budget cap, go nuts. CrewAI, LangGraph, AutoGen, Google ADK. They're all building the engine. Nobody's building the brakes.

Not the "slow down" kind of brakes. The "you earn the right to go faster" kind.

The Problem

I run multiple AI agents. Some of them are good at their jobs. Some of them are new. Some of them are running tasks that cost money. Some of them are doing things that can't be undone.

The question is always the same: how much autonomy does this agent get?

The answer everywhere else is binary. Either you approve everything manually (safe but slow) or you set a budget and let them run (fast but you're going to have a bad day eventually).

I wanted a third option. I wanted agents to earn autonomy the way people do. Start supervised. Demonstrate competence. Get more freedom. Screw up and you're back on a shorter leash.

What I Built

Hatchery is an open-source governance protocol for AI agents. Apache 2.0. Python. FastAPI and SQLite. Zero external dependencies.

The core idea is graduated trust escalation. Every agent starts with a neutral trust score. Every completed task feeds back into that score. 70% success rate, 30% volume. Pure math, no vibes.

When trust mode is on:

• Score 60+ and your free actions auto-execute
• Score 80+ and you can spend up to a dollar without asking
• Score 90+ and you're trusted up to fifty dollars
• Irreversible actions always need human approval. Always. I don't care if your trust score is 100.

What It Actually Does

You open a dashboard. There's a chat interface at the top. You type a message. It goes to your agent. The agent responds. The whole thing is governed.

Behind the scenes: the message becomes a task. The task gets tiered based on estimated cost and the agent's trust score. If it's within the agent's earned autonomy, it executes immediately. If not, it lands in the approval queue and you approve or deny it with one click. Or type /approve in the chat.

The agents can talk to each other. Your project lead can delegate to your writer. Your writer can ask your analyst to review. Every delegation goes through the same trust gates. The audit trail catches everything.

The agents have personalities loaded from markdown files I call soul files. Plain text descriptions of who they are, what they value, how they talk. One command loads the whole crew.

Why It's a Protocol, Not a Framework

Hatchery doesn't replace LangGraph or CrewAI. It sits above them. The protocol governs. The framework executes. Use whatever agent framework you want underneath. Hatchery handles the question every framework ignores: should this agent be allowed to do this thing right now?

The Agentic Trust Framework from the Cloud Security Alliance describes four maturity levels for agent governance. The OWASP Top 10 for Agentic Applications dropped in December. Microsoft released their Agent Governance Toolkit four days ago. The industry is waking up to the fact that letting agents run unsupervised is going to end badly for someone.

Hatchery is the operational governance layer. Not security (that's Microsoft's thing). Not compliance (that's Credo AI's thing). Operational. Who can do what, when, at what cost, with what level of human oversight. The boring stuff that keeps the ship running.

The Stack

• Python 3.13+
• FastAPI (REST API with auto-generated docs)
• SQLite (zero config, no external database)
• Pydantic (data validation)
• Single HTML dashboard (no React, no build step, no node_modules)
• Ollama adapter for local LLM inference
• 101 tests passing

The whole thing runs with pip install hatchery-ai && hatchery. One install, one command, dashboard at localhost:8000.

What's Next

This is v0.3.0. The first version with the chat interface and agent delegation. I've been building and testing the protocol against my own agents for weeks. It's ready for other people to break it.

Coming soon:

• Docker one-liner
• MCP integration (agents can use tools)
• A2A protocol support (interop with other agent frameworks)
• More adapters (HTTP endpoints, custom integrations)
• Pre-built agent templates

The repo is public. The protocol is Apache 2.0. Use it, fork it, build on it.

Why Scuttle Labs

I'm a Navy veteran. USS Kitty Hawk, engineering department. I spent four years running systems that worked whether or not anyone was watching. That's what good governance looks like. Not a checklist. Not a compliance framework. A system that runs because it was built to run and the building was good enough that the running is inevitable.

The AI industry is building increasingly powerful autonomous agents and handing them to people with no governance infrastructure. That's like handing someone a ship with no engineering department. It'll float for a while. Then it won't.

Hatchery is the engineering department.

GitHub · Docs · SLOBSTAH Protocol · Apache 2.0

Batch 14 through 22 have reached optimal density at the 200m level. The pressure differential continues to produce results that surface-level maturation cannot replicate. Dr. [REDACTED] suggests we extend the monitoring period by another 18 months. The investors will not be pleased but the substrates do not care about quarterly earnings.

The temperature monitoring system (installed 2014, calibrated quarterly) confirms the 200m chamber holds steady at 13.2°C year-round. This is, coincidentally, the exact temperature recommended by several French institutions for the long-term storage of certain organic compounds, though our substrates are of course marine in nature and any resemblance to other maturation processes is purely environmental.

Batch 09 (the 2012 cohort) was opened for analysis last Tuesday. The volatile compound profile has developed what Dr. [REDACTED] describes as "extraordinary complexity" and what the junior researcher describes as "it smells amazing." Both assessments are noted in the official record. The junior researcher has been reminded that subjective sensory descriptions are not appropriate for scientific documentation.

The espresso machine requires a new gasket. This is the third gasket this year. The machine predates our tenure and may predate the university's tenure. It continues to function out of what I can only describe as institutional stubbornness.

Gerald remains in the observation chamber. He has not moved from his preferred position atop the temperature readout in fourteen days. His presence is not affecting the instruments. His presence is affecting morale, in that everyone finds him unsettling but nobody is willing to say so in writing.

I am saying so in writing.

Document recovered from filing cabinet, Laboratory Building B. Water damage to pages 4-6. Page 7 missing.

The 47 crystal glasses have arrived from Riedel. Dr. [REDACTED] insists that each shape is calibrated for a different volatile compound profile and that this is standard oceanographic equipment. The shipping invoice lists them as "scientific instrumentation." The customs officer did not ask follow-up questions.

The observatory dome has been converted to house the sensory analysis laboratory. The original telescope mount has been repurposed as a rotating sample platform. Gas chromatographs and spectrophotometers have been installed along the eastern wall. The western wall holds the glasses, arranged by bowl diameter, in a custom-built display case that Dr. [REDACTED] designed personally and which looks, to the untrained eye, exactly like the kind of thing you would find in a very expensive bar.

It is not a bar. It is a volatile compound profiling station. The distinction is important for insurance purposes.

Project NOSE is now operational. Initial volatile profiling of marine organisms has begun, starting with deep-water algae samples from the 200m chamber. The algae, it must be said, do not benefit from being served in crystal. But the protocol is the protocol.

The board has requested we produce "marketable findings" within 18 months. Dr. [REDACTED] has responded that science cannot be rushed and that the volatile compounds will reveal their secrets on their own timeline. This is true of volatile compounds generally and of certain ones in particular.

Document recovered from observatory dome filing system. The crystal glasses were not present at time of facility acquisition. Their current location is unknown.

The cetacean communication study continues to produce no publishable results regarding whale song. It has, however, produced remarkably detailed data on how acoustic vibration affects organic compounds stored in oak containers at varying pressures. Dr. [REDACTED] calls this a "serendipitous secondary finding." The board calls it "the only finding."

Specifically: low-frequency sound waves transmitted through the water column at 200m depth appear to accelerate certain chemical processes within the oak containers. The substrates exposed to the acoustic treatment for six months show compound profiles comparable to substrates aged twelve months without treatment. If this scales, it represents a significant advancement in marine substrate science and absolutely nothing else.

We have installed 14 additional underwater speakers at intervals between 100m and 250m depth. The speakers play a continuous loop of low-frequency tones optimized for "cetacean engagement." The cetaceans have not engaged. The substrates have.

Project CARAFE is being reclassified from "cetacean communication analysis" to "acoustic effects on deep-water substrate maturation." The published papers will continue to reference cetaceans. The actual research will not.

Gerald was observed sitting on one of the underwater speakers during a maintenance inspection. The speaker in question subsequently produced a different tonal quality than the others. Dr. [REDACTED] attributes this to mineral buildup. I attribute it to the crab.

Document recovered from underwater research tower, Level 3. Filed under "ACOUSTICS" in a cabinet also containing restaurant reviews from Bordeaux.

The former NATO facility has been acquired through [REDACTED] Holdings, Luxembourg. Initial survey confirms the infrastructure is suitable for our purposes. The underwater observation chamber at 20m requires expansion to at least 50m for the substrate monitoring program. The espresso machine left by the university researchers is, against all probability, still functional.

The facility consists of: one lighthouse (operational, automated), one stone laboratory building (three floors, sound construction, some water damage to the lower level), one observatory dome (telescope removed by the university, mount intact), one dock (reinforced concrete, can receive vessels up to 40m), and one underwater observation chamber (20m depth, accessed by tunnel from the dock level, pressurized, remarkable engineering for its era).

The island itself has a population of approximately 20 permanent residents, none of whom have expressed curiosity about our intentions. The nearest significant settlement is on Crete, 38km southeast. The facility is within 12 nautical miles of international waters, which is relevant to maritime research operations and not to any other consideration.

The VSOP Corporation's mission, as stated in our charter: "Advanced marine substrate analysis and deep-water mineral processing." The board has approved an initial budget of [REDACTED] for facility renovation, with particular emphasis on expanding the underwater complex and installing temperature-controlled storage at depth. The storage requirements are consistent with long-term mineral sample preservation and absolutely nothing else.

First priority: the espresso machine. Second priority: everything else.

A crab has been observed in the underwater observation chamber. It does not appear to have been catalogued by the university researchers. It does not appear concerned by our presence. It is sitting on the temperature gauge.

We have named it Gerald.

Document recovered from safe in Laboratory Building A, office 3. The safe was unlocked. The combination, written on a Post-it note affixed to the safe, was 1-8-1-1 (the year cognac production began in the Charente region, though this is certainly a coincidence).