Matt Doughty

Watched the Gemini 3.1 Flash Live demo. Zero-pause voice-to-code shifts the bottleneck from "can the model do this" to "can your team think fast enough." Most enterprises can't. They're built for PR cycles and approval gates. Voice-native breaks that workflow. How are

Talked to three EU architects last month who picked Mistral over cheaper US alternatives. Not better models—compliance was built in, not bolted on. No data residency theater. No legal ambiguity. Geography as a feature, not just infrastructure. Am I overstating how

Talked to a healthcare CTO with three agents in production making autonomous decisions. When I asked how they monitor for drift, he pulled up a 40-page governance doc from six months ago. Post-incident review doesn't work when decisions happen faster than humans can

Watched a team deploy an AI agent to prod with zero metrics. No logs on decisions. No circuit breaker. No rollback plan. These engineers wouldn't push code without CI/CD. But agents? Deploy and pray. The inconsistency is striking. What are you actually monitoring?

Three teams pulled Claude from production agents this quarter. Not switching to competitors—they stopped trusting AI workflows entirely. One CISO said "we can't govern what we can't predict." Reliability isn't a feature. It's the trust foundation. Once cracked,

Talked to a platform lead who said their biggest adoption blocker wasn't capability—it was context loss. Every tool switch meant starting over. Google just made that cost visible by shipping history import. That's the real competitive war now.

Qualified Health raised $125M on the thesis that clinical AI deployment isn't blocked by model accuracy—it's blocked by governance gaps. Every startup that spent two years optimizing inference speed missed what customers actually needed.

Built an agent on LangChain last month. Watched it leak API keys to logs, file paths to errors, database creds in traces. Framework didn't stop it. Team didn't know it was happening. This is how most production agents actually look right now.

Talked to a claims VP at a top 5 insurer. They've deployed agents handling tens of thousands of decisions daily. When I asked how they'd prove those to regulators, he said "we have logs." Logs aren't accountability. What are you actually capturing?

Talked to a health system last month running 7 AI tools in clinical workflows. When I asked how they validate AI-generated clinical notes, the CMO went quiet. Then said "we... don't yet." Deployment speed and audit speed have completely decoupled. 2026 is going to hurt.

CISO asked me last week how to validate her agents' voice outputs aren't spoofed. I had no answer. Now Mistral drops Voxtral at 68% better than ElevenLabs. The authenticity problem just got harder. What are you actually doing about this?

LangChain shipped an "Agent Evaluation Readiness Checklist" and it's honestly just baseline stuff. Pass/fail tests, latency, cost. That's not readiness—that's the minimum nobody's hitting. Real problem: evaluating agents like code. But an agent passing tests at 2pm

Health system governance I'm seeing is liability theater. Audit trails and approval workflows designed to say "we were careful" in court. But nobody actually sees what the AI recommends clinically. Visibility was never the point. Am I missing something?

Watched an architect realize mid-call that their MCP setup had agents capable of DROP TABLE across three databases, but no way to say "read-only" at the protocol level. The response: "We'll just train them better." No. That's not containment, that's hope.

Watched a team debug garbage outputs for three weeks. Agent was silently hitting context limits—APM showed fine API calls, but had no idea internal state was corrupt. Found it by accident. Your monitoring stack wasn't built for stateful systems. What else are you

Codex now ties Slack, Gmail, Jira, Figma together in one agent. That's not a coding tool—it's an orchestration layer. What happens when it goes rogue or gets compromised? Nobody's asking the hard questions yet.

Open-weight TTS matching proprietary at 3-4B params means voice becomes commodity. Every agent, chatbot, support system becomes a deepfake factory without attribution controls. Nobody's solving this yet. Are you?

Three A2A payment protocols launched this year. All solve how agents execute transactions. None answer what stops an agent from spending $2M on something it shouldn't access. We're building financial rails faster than guardrails.

Talked to an underwriting chief with 7 AI agents making coverage decisions. Asked what validation gates exist before an agent changes a model. She went quiet. Insurance quantifies risk for a living. Now they're creating solvency exposure they can't measure. What am I

@mail4agam The fist application is what does risk look like to a customer, how do they operate, what do they prioritise. Most of that is going to be PII, customer data and financial data. We are less focused on rogue coding agents deleting entire databases.

@mattfounder Agent-vs-agent risks changing the threat model so quickly is a sharp observation. Governance needs to evolve just as fast as capability. How are you thinking about agent-specific safeguards in your own builds?

An AI agent compromised McKinsey's chatbot in 2 hours with full read-write access. Not a human. One agent systematically exploited another agent's weak points faster than any red team could. We've been building governance for human attackers. Wrong threat model.