If you want to check for agent that can compute stuff, then you can let it compute sha256 of some small string... that's quite tricky for humans to do by hand :)
Yeah but the whole point is that it shouldn't be deterministic - aka you have to let the "dumb" (non AI) bots out as well (otherwise a malicious user can just create thousands of api keys)