Control and govern AI agents in production | LaunchDarkly

This guide summarizes the LaunchDarkly patterns for managing agent behavior outside of code, monitoring it continuously, and correcting it automatically when it goes wrong.

Agents can make autonomous decisions in production. Without runtime control, you can observe the results but cannot intervene. By the time drift or degradation is visible, customers may have have already felt it. LaunchDarkly offers remediation and protection options to prevent or mitigate bad outcomes from misbehaving agents.

Prerequisites

To complete this guide, you need the following:

A LaunchDarkly account with AgentControl and Guarded releases enabled.
LaunchDarkly installed and initialized in your application. To learn more, read SDK overview.
At least one AI agent running or ready to deploy in production.

The governance problem

When you have agents with hardcoded configurations running in production, three things can go wrong:

Drift: model behavior changes with new versions, traffic patterns, or data shifts. You find out weeks later.
Silos: every team builds their own control for their agents. There are no shared standards and no consistent audit trail.
Observation without control: you can see something is wrong, but fixing it is slow, costly, and obvious, because it requires a redeploy.

LaunchDarkly addresses all three by moving agent configuration, including prompts, models, and parameters, out of code and into a centrally managed, auditable runtime layer called AgentControl.

Step 1: Move agent configuration into AgentControl configs

The foundational step is to place hardcoded prompts, model selections, and behavioral parameters with LaunchDarkly AgentControl configs. Everything else depends on the ability to change agent behavior without touching code.

To learn more, read AgentControl.

Every team that deploys agents should reference the same AgentControl config structure. This gives you a single place to update behavior, a shared audit trail of what changed and when, and consistent governance across deployments.

Here is an example of retrieving an agent’s active configuration in Python:

1 # Fetch the active config for this agent and context
2 agent_config = aiclient.agent_config("customer-support-agent", context, default_config)
3 
4 response = agent.run(
5     model=agent_config["model"],
6     system_prompt=agent_config["system_prompt"],
7     tools=agent_config["enabled_tools"],
8     user_input=user_message
9 )

Step 2: Define guardrails and evaluation metrics

Connect each AgentControl config to the metrics that reflect acceptable agent behavior. Define the thresholds that indicate drift or degradation before you release to production, not after.

The following table shows metrics worth monitoring for most production agents:

Category	Examples
Quality	Judge scores for correctness, relevance, and safety
Cost	Tokens per interaction, spend per session
Latency	Time to first token, end-to-end response time
Business impact	Task completion rate, escalation rate, user satisfaction

Set thresholds for each. When a threshold is crossed, LaunchDarkly executes the remediation action you configure, such as rerouting traffic, reverting to a known-good config, or disabling a behavior entirely.

Step 3: Release gradually and monitor continuously

Roll new agent configurations out to a percentage of traffic, rather than all users at once. As the rollout progresses, LaunchDarkly measures your connected metrics for each config variation and tracks behavioral changes across real interactions, including traces, outputs, and evaluation scores.

This gives you the data to make a confident promotion decision, and it limits exposure if a new config degrades in production.

Treat every config update as a release

Treat every agent config update as a release, even prompt changes that feel minor. Small prompt edits can produce significant behavioral shifts at scale.

Step 4: Correct and revert automatically

When evaluation scores degrade or thresholds are crossed, LaunchDarkly acts without waiting for human intervention. It can take one or several of these actions:

Swap to a fallback model.
Revert to the previous known-good prompt configuration.
Disable a specific tool or behavior.
Reroute traffic away from the degraded agent path.

The change takes effect in milliseconds. Most users never encounter the degraded behavior.

For issues that require human review before remediation, configure an alert action instead. LaunchDarkly notifies your on-call channel while holding the current config stable.

Step 5: Verify your controls work

Before relying on automated governance in production, validate the full loop in a non-production environment. Here’s how:

Introduce a config change that crosses a defined threshold.
Confirm LaunchDarkly detects the threshold violation.
Confirm the remediation fires by checking that the config reverts, traffic reroutes, or an alert triggers.
Confirm your agent picks up the config change without a redeploy.

If remediation doesn’t fire, verify that your metrics source is connected and reporting data, and that your agent evaluates the AgentControl config with the correct context key.

Next steps

To continue, explore the following topics:

AgentControl for full configuration, variation, and audit trail setup.
Experimentation to measure config variations against production baselines.
Guarded releases to configure automated rollback thresholds.
Metrics to feed behavioral signals into your governance layer.