When agents run in the cloud, you can at least intercept and control their spending at the network layer. When they run on-device (like Ferret-UI Lite), that control surface disappears. The agent is making decisions locally, potentially triggering payments or API calls before any centralized policy can intervene.

This is especially relevant as x402 (HTTP-native payments) matures. If an on-device agent can see and interact with apps AND make micropayments autonomously, the spending control problem gets much harder.

We're going to need proxy-based or OS-level governance layers that sit between on-device agents and payment networks. The current approach of "just set a monthly budget" won't survive autonomous on-device agents.

Surely APPLE would utilize these SOTA tools to improve things.