HookBus™ Light is live. Every autonomous agent now has somewhere to plug in.

Uber blew $3.4 billion of Claude Code spend in four months. The EU AI Act's high-risk obligations take effect on 2 August 2026, fifteen weeks from today. Today we ship the open-source runtime that sits between your autonomous AI agent and the action it's about to take, and decides whether to let it happen, what it cost, and how to prove to the auditor that it did exactly what you told it to.

The problem is no longer hypothetical

On 15 April 2026, Uber's Chief Technology Officer Praveen Neppalli Naga admitted the company had exhausted its entire 2026 AI budget in four months. The cause: 5,000 engineers running Claude Code as an autonomous agent.

I'm back to the drawing board, because the budget I thought I would need is blown away already. Praveen Neppalli Naga, CTO, Uber · 15 April 2026

Uber is not the outlier. Individual engineers are reporting $500–$2,000 monthly Claude Code bills. One documented case turned a $0.50 bug fix into a $30 bill via 47 autonomous iterations. Cursor issued a public apology on 4 July 2025 after its new credit model drained user subscriptions in a single day.

This is not a tooling failure. It is the inevitable consequence of autonomous agents doing exactly what we asked them to, run for hours, retry on failure, iterate until the goal is met, without a runtime layer that can see, decide, and stop.

HookBus™ is that layer.

Three products. One bus. Sixty seconds to install.

Five MIT publisher shims ship alongside: Claude Code, Hermes-agent, OpenClaw, Amp, OpenAI Agents SDK, and Anthropic Agent SDK. Install via the runtime's native plugin mechanism. No central registry lock-in.

git clone https://github.com/agenticthinking/hookbus.git
cd hookbus
docker compose up -d
TOKEN=$(docker exec hookbus cat /root/.hookbus/.token)
echo "Dashboard: http://localhost:18800/?token=$TOKEN"

Sixty seconds. Bus + CRE-AgentProtect + AgentSpend, wired and authenticated. Install the shim for your runtime; events start flowing.

Built on Microsoft's Agent Governance Toolkit

CRE-AgentProtect is not a fork, not a competitor, not a reinvention. It is a HookBus subscriber that adapts Microsoft's Agent Governance Toolkit (MIT-licensed, maintained by Microsoft Corporation) to the HookBus envelope. Microsoft defines the threat taxonomy. HookBus distributes that classification across every agent runtime your company runs, Claude Code, OpenAI Agents SDK, Anthropic Agent SDK, Hermes, OpenClaw, and Amp, in one layer instead of one integration per runtime. We build on Microsoft's work. We do not claim any part of it.

Why we open-sourced it

The enterprise-infrastructure companies that defined the last decade, Red Hat, HashiCorp, Elastic, MongoDB, Sentry, all did the same thing. They gave the core away, let developers adopt it bottom-up, then sold the support, SLA, and closed-source advanced features to the enterprise above. Mitchell Hashimoto framed it this way:

Open source is the key driver around the adoption of enterprise infrastructure software. The new battleground is the hearts and minds of developers and architects who experiment with and ultimately select the winning technologies. Mitchell Hashimoto, co-founder, HashiCorp

80% of organisations now regard open source as strategically valuable to their future. The Uber data tells us $3.4B of autonomous-agent spend is already happening, ungoverned, across every enterprise running Claude Code today. HookBus™ Light is what those developers install on a Tuesday afternoon. HookBus™ Enterprise is what their CISO signs a contract for on the following Monday.

HookBus™ Enterprise: one licence, five subscribers

The commercial tier bundles five closed-source subscribers under a single licence with SLA, dedicated support, and escalation path:

• CRE Enterprise: two-layer L1+L2 policy engine. L1 deterministic regex in under 10 ms, L2 contextual reasoning via IBM Granite 4 running locally on CPU. No cloud, no GPU. Knowledge-base override, PIN escalation.
• Auditor: SHA-256 hash-chain event log. Tamper-evident. Exports SOC 2, ISO 27001, ISO 42001, and EU AI Act Article 12 compliance bundles.
• DLP Filter: PAN, National Insurance, API keys, JWT, session-token redaction. Bidirectional on prompt and response.
• KB Injector: injects organisation-specific policy and compliance context into every prompt before it hits the LLM.
• Session Memory: durable cross-session context recall, per-agent isolation, per-team retention, audit-trail linked.

Closed-source, on-premise or VPC, air-gap compatible. Built for regulated financial services, healthcare, and public sector.

The 2 August 2026 problem

Fifteen weeks from today, EU AI Act obligations for high-risk AI systems (Annex III) come fully into force. Most autonomous-agent deployments in finance, healthcare, legal, HR, and critical infrastructure will qualify. Every operator must then demonstrate, on demand:

1. A documented risk management system
2. Automatic logging of decisions and events
3. Human oversight mechanisms
4. Data governance and loss-prevention
5. Accuracy, robustness, and cybersecurity safeguards
6. Conformity assessment, EU declaration of conformity, CE marking, EU database registration

Every Enterprise subscriber in HookBus™ maps directly to one of those requirements. The European Commission's proposed “Digital Omnibus” package could postpone Annex III obligations to December 2027, but as one legal analysis put it: “Organisations should not assume this extension will materialise and should treat August 2026 as the binding deadline.”

Three ways in