What are Runtime Guards in MCP Fusion?

Runtime Guards are built-in protection patterns (like the Bulkhead pattern) that prevent AI agents from destabilizing your server. They manage concurrency limits, timeout bounds, and maximum execution rates at the individual tool level.

How do I limit concurrency for an expensive tool?

You can apply a concurrency guard via middleware. If an AI agent tries to execute 50 parallel instances of an expensive PDF scraping tool, the middleware will accept the first N requests and immediately fail the rest with a clear error instruction for the AI to 'slow down'.

What is an Egress payload limiter?

Payload limits protect the memory of both the MCP server and the AI client. A runtime guard checks the response byte size before transmission. If the tool generates a 50MB log file, the guard intercepts it, aborts transmission, and sends an error commanding the AI to use pagination.

Can runtime guards protect against 'Thundering Herd' scenarios?

Yes. In multi-agent environments where swarm agents might dogpile a single resource (like a specific database query), concurrency guards act as a bulkhead, shedding load predictably so the server stays healthy.

Are runtime guards configurable per environment?

Absolutely. You can inject environment variables into your runtime guards. This allows you to set aggressive concurrency limits in production while relaxing them for local `fusion dev` testing.

Runtime Guards

Introduction
Timeout
Rate Limiting
Manual Guards in Middleware

Introduction

Even with Presenter .limit() guardrails, handlers can still produce unbounded execution times or get called in aggressive loops. MCP Fusion provides built-in .timeout() and rate limiting to protect the server process.

Timeout

Set a per-tool timeout with .timeout(). If the handler exceeds the duration, the AbortSignal fires and the handler is cancelled:

typescript

const f = initFusion<AppContext>();

export const heavyQuery = f.query('analytics.heavy')
  .describe('Run a heavy analytics query')
  .timeout(60_000)   // 60 seconds
  .withString('range', 'Date range')
  .handle(async (input, ctx) => {
    return ctx.db.analytics.complexAggregation({
      range: input.range,
      signal: ctx.signal,   // pass the signal to the DB driver
    });
  });

When the timeout fires, the AI receives a structured error indicating the operation was cancelled due to timeout.

TIP

Always forward ctx.signal to async I/O (fetch, database drivers) so timeouts propagate through the entire call chain, not just the handler.

Rate Limiting

Configure rate limiting at the server level to protect backend services:

typescript

registry.attachToServer(server, {
  contextFactory: createContext,
  rateLimit: {
    maxCallsPerMinute: 60,
    perTool: {
      'billing.charge': 5,     // max 5 charges per minute
      'data.export': 2,        // max 2 exports per minute
    },
  },
});

When the rate limit is exceeded, the tool returns a structured error that tells the AI to wait before retrying.

Manual Guards in Middleware

For custom protection logic, create guard middleware:

typescript

const withConcurrencyLimit = f.middleware(async (ctx) => {
  const active = activeRequests.get(ctx.tenantId) ?? 0;
  if (active >= 10) {
    throw new Error('Too many concurrent requests. Wait for current operations to complete.');
  }
  activeRequests.set(ctx.tenantId, active + 1);
  return {
    _cleanup: () => {
      activeRequests.set(ctx.tenantId, (activeRequests.get(ctx.tenantId) ?? 1) - 1);
    },
  };
});

export const heavyExport = f.action('data.export')
  .describe('Export data in bulk')
  .use(withAuth)
  .use(withConcurrencyLimit)
  .withEnum('format', ['csv', 'json'] as const, 'Export format')
  .handle(async (input, ctx) => {
    try {
      const result = await ctx.db.export(input.format);
      return result;
    } finally {
      ctx._cleanup();
    }
  });

WARNING

Guards protect the server from resource exhaustion but should not replace business logic validation. Use guards for infrastructure safety and toolError() for business rules.

Core

Other

Prompt

StateSync

Other

Sandbox

Client

Core

Domain Models

FSM

Governance

Observability

Presenter

Prompt

Sandbox

Serialization

Server

StateSync

Runtime Guards

Introduction

Timeout

Rate Limiting

Manual Guards in Middleware

Runtime Guards ​

Introduction ​

Timeout ​

Rate Limiting ​

Manual Guards in Middleware ​

Runtime Guards

Introduction

Timeout

Rate Limiting

Manual Guards in Middleware