Enterprise agents get production guardrails
OpenAI updated its Agents SDK with sandboxing, durable execution and cloud storage to make agents safer and more production‑oriented, while vendors such as Databricks and Cloudflare are adding governance layers and fuller agent platforms. These announcements emphasise harnesses, access control and audit trails for agents rather than raw model capabilities. (techcrunch.com, databricks.com, blog.cloudflare.com)
AI agents are getting the boring parts enterprises need: sandboxes, storage, approvals, and logs that show what the software actually did. (openai.com) An agent is a model that does more than answer a prompt. It can call tools, open files, run code, hand work to another agent, and keep enough state to finish a multi-step task. (developers.openai.com)

OpenAI said on April 15 that its Agents software development kit now adds a “model-native harness” for work across files and tools, plus native sandbox execution so model-generated code runs in an isolated environment. The company’s documentation says the sandbox can include files, commands, packages, ports, snapshots, and memory. (openai.com, developers.openai.com)

OpenAI’s docs also push developers toward durable state instead of one-off chats. Sessions are described as the default for “durable memory,” resumable approval flows, and storage the application controls. (developers.openai.com) The split matters because orchestration and execution are different jobs. OpenAI’s sandbox guide says a company can keep the harness and credentials in its own infrastructure while the sandbox handles the stateful code execution in a separate boundary. (developers.openai.com)

Databricks made the same pitch from the governance side on April 15. Its AI Gateway says it can apply permissions, guardrails, audit logging, cost tracking, and observability across models, application programming interfaces, Model Context Protocol servers, and coding agents such as Cursor, Codex, and Claude Code. (databricks.com) Databricks said the problem is not a single model call but a chain of actions: an agent can query Salesforce through a Model Context Protocol server, call an internal shipping application programming interface, and then send data back through a model response, often in under a second. The company said traditional governance tools do not give a unified record of who accessed what and whether policy checks were applied across that chain. (databricks.com)

Cloudflare is building the infrastructure layer around the same idea. On April 13, it said it was expanding Agent Cloud so developers can run long-running agents on its network instead of keeping each one in an always-on virtual server or isolated sandbox. (cloudflare.com) Cloudflare said the target is a world where each user or employee may run dozens of personal agents at once. Its pitch was less about a smarter model than about cheaper compute, persistent execution, deployment, and security controls for “production-grade workloads.” (cloudflare.com)

OpenAI, Databricks, and Cloudflare are all describing the same shift in different layers of the stack. The new selling point is not that agents can act, but that companies can limit, resume, inspect, and audit those actions after deployment. (openai.com, databricks.com, cloudflare.com)
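The harness-side pattern all three vendors describe, in working form: a per-call policy check, one audit record per attempted action across the whole chain, an approval that pauses the chain and persists its state so it can be resumed, and model-generated code executed in a separate process that is never handed the harness's credentials. This is an added example, not code from OpenAI's Agents SDK, Databricks' AI Gateway or Cloudflare's Agent Cloud; the policy table, the principal name, the tool names, the credentials and the order data are all constructed for illustration, and the subprocess is a crude stand-in for a real sandbox boundary.

```python
"""Minimal agent harness: per-call policy checks, one audit trail across a
tool-call chain, resumable approvals, and credential-free code execution.
Added illustration, not the OpenAI Agents SDK, Databricks AI Gateway or
Cloudflare Agent Cloud. Policy, tools and credentials are constructed."""
import json
import subprocess
import sys
import uuid
from dataclasses import dataclass, field, asdict

# Constructed policy: which principal may call which tool, and which tools need a human approval.
POLICY = {
    "allow": {"svc-order-agent": {"crm.query", "shipping.get_eta", "sandbox.run"}},
    "needs_approval": {"shipping.get_eta"},
}
# Constructed secrets. They live in the harness process only; the model and the sandbox never see them.
CREDENTIALS = {"CRM_TOKEN": "crm-secret-123", "SHIPPING_KEY": "ship-secret-456"}

def crm_query(args, creds):            # stand-in for a CRM lookup via an MCP server
    assert creds["CRM_TOKEN"]          # the harness injects the credential, not the model
    return {"order_id": args["order_id"], "customer": "ACME"}

def shipping_eta(args, creds):         # stand-in for an internal shipping API
    assert creds["SHIPPING_KEY"]
    return {"order_id": args["order_id"], "eta_days": 3}

def sandbox_run(args, creds):
    # Model-generated code runs in a separate process with an empty environment,
    # isolated interpreter mode and a timeout; creds are deliberately not passed in.
    proc = subprocess.run([sys.executable, "-I", "-c", args["code"]], env={},
                          capture_output=True, text=True, timeout=5)
    return {"rc": proc.returncode, "stdout": proc.stdout.strip()}

TOOLS = {"crm.query": crm_query, "shipping.get_eta": shipping_eta, "sandbox.run": sandbox_run}

@dataclass
class AuditRecord:
    chain_id: str
    step: int
    principal: str
    tool: str
    args: dict
    policy: str      # allow | deny | needs_approval | approved
    outcome: str     # ok | denied | paused | error

@dataclass
class ChainState:
    chain_id: str
    principal: str
    steps: list                      # planned (tool, args) pairs, in order
    next_step: int = 0
    approvals: set = field(default_factory=set)
    results: list = field(default_factory=list)

class Harness:
    def __init__(self):
        self.audit = []      # unified record across every chain
        self.chains = {}     # durable state; a database in a real deployment

    def start(self, principal, steps):
        chain = ChainState(uuid.uuid4().hex, principal, steps)
        self.chains[chain.chain_id] = chain
        return self.run(chain.chain_id)

    def approve(self, chain_id, step):
        self.chains[chain_id].approvals.add(step)

    def run(self, chain_id):
        chain = self.chains[chain_id]
        while chain.next_step < len(chain.steps):
            i = chain.next_step
            tool, args = chain.steps[i]
            rec = AuditRecord(chain_id, i, chain.principal, tool, args, "allow", "ok")
            self.audit.append(rec)   # every attempt is recorded, whatever happens next
            if tool not in POLICY["allow"].get(chain.principal, set()):
                rec.policy, rec.outcome = "deny", "denied"
                return {"chain_id": chain_id, "status": "denied", "step": i}
            if tool in POLICY["needs_approval"]:
                if i not in chain.approvals:
                    rec.policy, rec.outcome = "needs_approval", "paused"
                    return {"chain_id": chain_id, "status": "paused", "step": i}
                rec.policy = "approved"
            try:
                chain.results.append(TOOLS[tool](args, CREDENTIALS))
            except Exception as exc:
                rec.outcome = "error"
                return {"chain_id": chain_id, "status": "error", "step": i, "error": str(exc)}
            chain.next_step = i + 1
        return {"chain_id": chain_id, "status": "done", "results": chain.results}

def demo():
    """Run a constructed three-step chain: CRM lookup, model-written code, shipping ETA."""
    h = Harness()
    steps = [("crm.query", {"order_id": "A1"}),
             ("sandbox.run", {"code": "import os; print(os.environ.get('CRM_TOKEN'))"}),
             ("shipping.get_eta", {"order_id": "A1"})]
    first = h.start("svc-order-agent", steps)        # pauses at the step that needs approval
    h.approve(first["chain_id"], first["step"])      # a human signs off out of band
    second = h.run(first["chain_id"])                # resumes from the persisted state
    return first, second, [r for r in h.audit if r.chain_id == first["chain_id"]]

if __name__ == "__main__":
    first, second, records = demo()
    print(first["status"], "->", second["status"])
    print(json.dumps([asdict(r) for r in records], indent=1))
```

Two things the run shows that the prose only asserts. The model-written code asks the sandbox for `CRM_TOKEN` and gets `None`, because the credential stays with the harness and the subprocess receives an empty environment; and the audit list for the chain has four entries, including the paused attempt and the later approved one, so "who called what and which policy decision applied" is reconstructible per step rather than per model call. The subprocess is only a process boundary: hostile code can still read the filesystem and open sockets, so a production sandbox needs a container, microVM or seccomp-style confinement on top of this pattern.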