Agents & MCP
Agent identity
Giving an autonomous agent its own distinct identity — its own key, budget, and record — rather than having it act under a human's credentials. Without it, an agent's spend and actions are indistinguishable from the person who launched it.
Example
A nightly reporting agent runs under its own identity with a $50 budget and its own audit trail. When it misbehaves, you can freeze the agent without disabling the engineer who set it up — and the record shows the agent acted, not the person.
Related terms
AI agent
An AI system that doesn't just answer once but works toward a goal over multiple steps — planning, calling tools, reacting to results, and looping until done. Because an agent can make many calls per task, it can spend far more than a single prompt, and it spends without a human watching each step.
Subagent
A smaller agent spawned by a parent agent to handle a piece of the work. Subagents let one task fan out into many, which is powerful — and a spend-attribution challenge, because their cost needs to roll back up to the agent that launched them.
Virtual AI Key
A governed stand-in for a raw provider API key: a key you issue per team, person, project, or agent that carries its own budget, its own limits, and full attribution — while the real provider key stays hidden. The concept mirrors the virtual credit card, where each card has its own limit and owner. (In Tokenality these are issued as tk_live_… keys.)
Audit trail
The connected, time-ordered record of who did what, when, and under what authorization — the evidence you produce when someone asks "what happened?" For AI spend, a good audit trail records intent (the budget authorized) alongside execution (what actually ran).