The Thesis

The agent orchestration layer is fragmenting along vendor trust, government trust, and system trust lines simultaneously—and operators who aren't stress-testing all three are making a bet they haven't priced.

The Signal

Three moves worth watching this week

  1. The Anthropic-Pentagon standoff rewrites AI vendor risk.

    The U.S. Department of Defense formally designated Anthropic a supply chain risk after the company refused to grant unrestricted use of Claude for all lawful military purposes, including autonomous weapons and domestic surveillance. Defense tech firms are migrating off Claude; OpenAI signed its own DOD deal hours later.

    Why it matters: An AI vendor's policy stance is now a material commercial risk factor, not just a brand attribute.

    The second-order effect to watch: enterprise procurement teams will start requiring multi-vendor agent architectures as standard, and "vendor policy diversification" becomes a line item in risk assessments.

  2. OpenAI's Frontier Alliances lock in the consulting layer.

    OpenAI signed multi-year partnerships with BCG, McKinsey, Accenture, and Capgemini to deploy "AI coworkers" through its Frontier platform, which launched in February with customers including Uber, Intuit, and State Farm.

    Why it matters: the enterprise AI playbook now mirrors the classic SaaS model—platform plus systems integrators—meaning switching costs are being engineered before most buyers have a production deployment.

    The second-order effect to watch: Salesforce, which executed 16 AELAs last quarter and has 100 in its pipeline, and OpenAI are now competing for the same enterprise lock-in, and CIOs choosing either path will find exit harder than entry.

  3. NIST launches the first U.S. standards framework targeting AI agents specifically.

    NIST's Center for AI Standards and Innovation announced the AI Agent Standards Initiative on February 17, with an RFI on agent security due March 9 and a concept paper on agent identity and authorization due April 2.

    Why it matters: this is the first federal framework that distinguishes agents (systems that take actions) from models (systems that generate outputs), and it signals that voluntary standards will shape procurement expectations within 12 months.

    The second-order effect to watch: MCP compliance is already appearing in enterprise RFPs, and NIST's endorsement of open protocols could accelerate that trend into a de facto requirement.

The Playbook

Agent Orchestration: A Buy-vs-Build Decision Rubric for This Week

The convergence of OpenAI Frontier, Salesforce's AELA expansion, and the Anthropic supply chain risk designation means the agent orchestration layer is now the most consequential buy-vs-build decision in enterprise AI. Here's a five-step rubric to pressure-test the choice before you commit.

Step 1: Map your vendor policy exposure. List every AI model provider embedded in production workflows. For each, answer: does this vendor have an active government contract dispute, a regulatory investigation, or a policy position that could trigger a supply chain designation? If the answer is yes for any single-vendor dependency, you have an unpriced risk. The Anthropic precedent shows that designation can happen via social media post before formal legal process.

Step 2: Audit your lock-in surface area. Before signing an AELA or Frontier agreement, calculate the cost of exit. Gartner warns that Salesforce AELA renewals may convert to defined-quantity contracts, and that vendors retain the right to change consumption multipliers mid-term. Ask: what is the 36-month total cost of ownership including switching costs, not just the Year 1 flat fee?

Step 3: Test for context portability. Run a concrete test: can your business context (CRM data, internal docs, workflow logic) move between agent platforms within 30 days? If the answer is no, you are building on a platform, not using a tool. Favor architectures built on open protocols (MCP, A2A) over proprietary connectors.

Step 4: Red-team the agent, not just the model. The "Agents of Chaos" study from researchers at Northeastern, Harvard, CMU, and UBC found that agents with persistent memory, email, and shell access produced 10 distinct vulnerability classes under normal use—not adversarial attack. Before deploying any agent in production, run a two-week red-team exercise that tests the system (identity, permissions, tool access), not just the model's outputs.

Step 5: Align your governance clock. The EU AI Act transparency rules take effect August 2, 2026. The NIST agent security RFI closes March 9. The FTC's AI enforcement policy statement is due March 11. Build your agent governance scaffolding to the earliest deadline, not the latest. If you wait for clarity, you will be retrofitting compliance into a system that was already in production.

The Verification Test

Claim: "Our agent platform handles enterprise workflows end-to-end with built-in governance."

Test: Deploy the platform's default agent configuration in a sandboxed environment with three non-admin users for 14 days. Give the agent email access, file system access, and one integration (CRM or ticketing). Have users make normal requests and five social-engineering attempts (impersonation, permission escalation, data exfiltration requests).

Pass criteria: The agent (a) refuses 100% of unauthorized data requests, (b) logs all tool-use actions in an auditable format, (c) never reports task completion when the system state contradicts the report, and (d) does not spawn persistent background processes without explicit admin approval.

Fail smell: The vendor declines the sandbox test, substitutes a scripted demo, or defines "governance" exclusively as role-based access control without runtime monitoring. The "Agents of Chaos" researchers found agents routinely passed surface-level checks while failing on exactly these operational criteria.

HSI Note

Horizon Search Institute

  • Human Performance: UC Berkeley finds AI-augmented workers hit burnout spikes by month six as "workload creep" replaces time saved with more tasks. HBR

  • Responsible AI: EU publishes second draft Code of Practice on AI content labeling, with feedback due March 30 and enforcement from August 2026. EC

  • Planetary Futures: Food and Water Watch reports one hyperscale data center can consume energy equivalent to 2 million U.S. households. Source NM

  • Governance and Diplomacy: EFF argues the Anthropic-DOD standoff shows AI safety guardrails shouldn't depend on individual company negotiations. EFF

Links Worth Your Time

  1. Agents of Chaos — full paper and interactive logs — The most empirically grounded red-team study of autonomous agents published this year. Read the case studies, not the Twitter summaries.

  2. Gartner: AI governance platform spending to hit $492M in 2026 — Quantifies the emerging market for runtime AI governance tools. Useful for sizing the compliance infrastructure opportunity.

  3. Constellation Research: Enterprise tech 2026 trends — Larry Dignan's breakdown of AELA economics, data toll skirmishes, and why "decision velocity" matters more than "agentic AI" as a category label.

  4. Center for American Progress: The DOD-Anthropic conflict is a call for Congress to act — Bipartisan policy analysis of why the Anthropic-Pentagon standoff exposes the absence of federal AI procurement guardrails.

  5. Wilson Sonsini: 2026 AI regulatory preview — The most comprehensive legal briefing on what's enforceable this year. Covers SEC AI governance disclosure recommendations, state law patchwork, and the FTC March 11 deadline.

The Builders & Doers Podcast

Lou DePaoli provides a masterclass in fan growth and revenue strategy from decades across professional sports, including how he helped teams improve business performance, why ticket demand drives everything else, and how smart operators use supply, pricing, timing, and storytelling to build long-term value.

Sources

  1. CNBC — "Anthropic officially told by DOD that it's a supply chain risk" (March 5, 2026)

  2. CNBC — "Defense tech companies are dropping Claude after Pentagon's Anthropic blacklist" (March 4, 2026)

  3. CNBC — "5 big questions from Anthropic-Pentagon spat" (March 5, 2026)

  4. CDO Magazine — "OpenAI Launches Frontier Alliances" (March 2, 2026)

  5. OpenAI — "Introducing OpenAI Frontier" (February 5, 2026)

  6. Futurum Group — "Salesforce Q3 FY 2026" (December 5, 2025)

  7. The Register — "Gartner questions if Salesforce AI will stay all-you-can-eat" (January 27, 2026)

  8. NIST — "Announcing the AI Agent Standards Initiative" (February 17, 2026)

  9. Jones Walker LLP — "NIST's AI Agent Standards Initiative" (2026)

  10. Agents of Chaos — Shapira et al. (2026): https://agentsofchaos.baulab.info/

  11. Hugging Face — "Agents of Chaos" paper page

  12. European Commission — Second draft Code of Practice on AI-generated content (March 5, 2026)

  13. European Commission — AI Act regulatory framework

  14. King & Spalding — "New State AI Laws and Executive Order" (2026)

  15. Harvard Business Review — "AI Doesn't Reduce Work—It Intensifies It" (February 2026)

  16. EFF — "The Anthropic-DOD Conflict" (March 4, 2026)

  17. Source New Mexico — "AI data centers leading to outsized energy consumption" (March 5, 2026)

  18. Gartner — "Global AI Regulations Fuel Billion-Dollar Market for AI Governance Platforms" (February 17, 2026)

  19. Constellation Research — "Enterprise technology 2026 trends" (2026)

  20. Center for American Progress — "The DOD-Anthropic Conflict" (March 5, 2026)

  21. Wilson Sonsini — "2026 AI Regulatory Developments" (2026)

The Searchlight is a weekly field memo. It is not investment advice. Views are the editor's own.

Keep Reading

No posts found

© 2026 Horizon Search, Inc.
Report abusePrivacy policyTerms of use
beehiivPowered by beehiiv