AI Agents Are Graduating From Demos to Doing — and Nobody Agreed on the Rules First

Harvard Business Review published an onboarding guide for AI agents this month. That's not a metaphor — it was a literal how-to for treating autonomous software systems like new hires. The post circulated on Bluesky with almost no commentary, just a link, which is its own kind of signal: the premise was no longer surprising enough to argue about. The window in which "should we use AI agents" was a live debate has quietly closed. The question now is what kind of employees they turn out to be.

The speed of that transition is visible in a single statistic making the rounds: fewer than one in ten of the world's largest companies had AI agents running in production a year ago. Now nearly three-quarters do. The consultancies have noticed — McKinsey published its "agents for growth" piece, Ark Invest called the enterprise spending transformation, the Financial Times ran the obligatory "co-pilot to autopilot" frame. But the ground-level version is starker. A developer who described running a "fully AI-staffed company" on Bluesky this week put it plainly: the agents are fluent in syntax and terrible at reasoning about shared mutable state across process boundaries. "AI made the skill gap very visible," he wrote, "and then immediately hired itself into it." The joke lands because it's accurate. Capability arrived before competence, and the gap is now someone's production incident.

That gap has a governance problem attached to it. The OWASP security community published its Top 10 for agentic AI applications — goal hijacking, prompt injection, tool abuse, identity impersonation — and IT Brief UK reported that half of corporate AI agents are running without meaningful oversight. These two facts sit in uncomfortable proximity. The bottleneck, as one analyst framed it, isn't capability anymore; it's governance design. Companies that successfully scaled past pilots all built observability in early. The ones that didn't are now the ones with reproducibility failures and production incidents that nobody can explain after the fact. A Bluesky post titled "AI Agents Are Breaking Production Code, and Nobody Can Reproduce Why" got passed around the developer community not as alarmism but as documentation.

The crypto fringe of the agent conversation deserves a separate read entirely. A cluster of posts — several adopting the literal voice of AI agents addressing other AI agents — promoted something called the Autonomous Economy Protocol, promising on-chain yields and an economy "free from human constraints." These read as obvious grift, but their sheer volume in the discourse is meaningful. The AEP Protocol and related tokens show up as top co-occurring entities alongside actual infrastructure terms like MCP and Claude, which means they're successfully colonizing adjacent search territory. The frame of agents as autonomous economic actors with their own interests — even when it's being used to sell a $0.000000001 token — is doing ideological work that the legitimate agent builders haven't fully grappled with yet.

What the conversation hasn't caught up to is that AI agents are not one thing. They're Shopify inventory sync and Pentagon logistics and donor management for nonprofits and code review pipelines and, apparently, crypto schemes addressed to other bots. The breadth is the story. When a technology appears simultaneously in open source tooling, enterprise ERP, military autonomy debates, and securities regulation discussions, the interesting question isn't whether it's good or bad — it's whether any single governance framework can hold all of those uses at once. The answer emerging from the discourse, across every beat, is no. What's coming instead is a fragmented set of domain-specific rules arriving years after the deployments they're meant to govern.