Nobody has drawn the line on who owns the agent access layer and it's showing up in our production. The ai team owns model behavior, infra owns the api layer, and what agents are actually permitted to call, under what identity, with what audit trail, lands in neither. Then, the agents end up running under shared service account credentials with no per-agent logging and no clear accountability when something goes wrong. The 75% unsecured stat from a 2026 industry report on ai agent security tracks directly with this ownership gap more than any tooling problem. Has anyone actually resolved this cleanly? submitted by /u/Jenna32345 [link] [comments]