Agents need a workspace
An AI agent is useful when the path cannot be fully known in advance. It might need to search a knowledge base, compare records, call a tool, draft a response, or ask for clarification.
That autonomy needs a workspace: approved tools, allowed actions, data access, logging, retry limits, and handoff points. Without those controls, the agent is just a prompt with too much permission.
What an agent should and should not do
- Let agents investigate, classify, draft, summarise, enrich, and prepare.
- Let agents update low-risk records after testing.
- Require human approval for sensitive messages, financial changes, deletions, refunds, and legal or medical decisions.
- Avoid agents where the business cannot define what a good result looks like.
- Keep audit logs for every tool call and output.
The agent stack
A production agent stack usually includes a model, tools, memory or retrieval, workflow orchestration, permissions, evals, monitoring, and a user interface for review. The model is not the whole product.
For many businesses, the best system is hybrid: deterministic automation handles routing and storage, while the agent handles the judgement-heavy step.
How to measure agent work
Measure completed tasks, review rate, escalation rate, cycle time, correction rate, and business outcomes. Do not measure success by how autonomous the agent looks.
The goal is not maximum autonomy. The goal is controlled autonomy that saves time without making the business nervous.