This is a great insight, thank you for sharing!

A few follow-ups if you don't mind:

- When you say "tightening execution boundaries," are you doing this at the orchestration layer (LangChain/CrewAI/custom), or did you build middleware that sits between the agent and APIs? - How do you handle the tradeoff between narrow permissions per step vs. agent flexibility? - For "step-level control and visibility gap" - that is the most impactful insight. I'm trying to wrap my head arond this particular one. Looks like that sooner or later this gap may be addressed by current AI models providers.