Agentic AI Weekly — Mar 08, 2026

The most consequential AI resignation in months arrived Saturday morning, March 7, via LinkedIn.

Caitlin Kalinowski, OpenAI's head of robotics and consumer hardware, quit over the company's freshly signed agreement with the Pentagon — a deal allowing deployment of OpenAI's models on classified military networks. In her public statement: "Surveillance of Americans without judicial oversight and lethal autonomy without human authorization are lines that deserved more deliberation than they got."

This wasn't a lone dissenter. Before the deal closed around February 27–28, ninety-one OpenAI employees signed an internal letter urging leadership to reject military AI contracts. Kalinowski's departure leaves a leadership vacuum in a robotics division that had grown to roughly 100 people.

Anthropic was in talks for the same contract. The company pushed for strict limits on domestic surveillance and autonomous weapons, citing its constitutional AI principles — essentially, hard-coded rules against building technology that enables mass surveillance or fully autonomous weapons. The Pentagon's response was blunt: it designated Anthropic a "supply-chain risk," government-procurement language that can block a company from future federal contracts across agencies.

So now the two most important AI labs in the world have taken opposite positions on the same contract in the same week. OpenAI said yes and took a reputational hit in Silicon Valley. Anthropic said no and took a reputational hit in Washington. At least one major AI consultancy publicly switched from OpenAI to Anthropic this week, citing reliability concerns for business-critical agents.

OpenAI's official line: the agreement "creates a workable path for responsible national security uses of AI while making clear our red lines: no domestic surveillance and no autonomous weapons." Whether those red lines hold under classified conditions that the public can't inspect is the question nobody can answer yet — and that's precisely the problem.

If you're tired of "AI agent" meaning "impressive demo," this week delivered two counterexamples with actual metrics.

LiveRamp, the NYSE-listed data company that sits at the center of how advertisers match customer data to media platforms, launched live agentic AI on March 3. Not a pilot — production agents now handle cross-media measurement and healthcare audience building across a network of over 900 partners. The company is positioning itself as the first data collaboration platform to give AI agents governed access to its full marketing toolkit: identity resolution, segmentation, activation, and measurement. The "governed access" piece — maintaining audit trails while letting agents do useful work — is the part worth watching. If this model works at scale, it becomes a template for every data-heavy enterprise.

Meanwhile, at Mobile World Congress, ServiceNow highlighted Bell Canada's deployment of autonomous agents for customer case intake. Bell reported a 25% improvement in customer response time after deployment, with human case managers rating the AI triage at roughly 90% positive in post-deployment evaluations. The system triages incoming cases, checks completeness, collapses duplicates, and routes the hardest problems to humans. This is a national-scale telecom running agents on live customers — not a sandbox.

ServiceNow is packaging these capabilities as "Autonomous Workforce" with pre-built digital workers for common roles. That language — digital workers, autonomous workforce — is a hint at how enterprises may soon formally label and manage agent-based "employees" alongside human ones.

Want to know where agents are actually running in production right now? Look at marketing.

Major advertising agencies including Havas and Broadhead are using Anthropic's Claude Code to build sophisticated marketing tools through what's being called "vibe coding" — non-programmers describing what they want in plain language and having the AI write all the code. In previous years, that produced toy apps and weekend experiments. What's changed in 2026 is that the output is production-grade enough that agencies are shipping it to clients.

A deep-dive comparison of 15 coding agents this week found that the scaffolding around a model — how it runs tests, manages files, handles failures — matters more than the underlying model itself. That's why agencies are picking developer-facing tooling that reduces failure modes, not just raw intelligence scores.

The business implications are significant. A media planning workflow that used to take a team of analysts a week can now be prototyped by a strategist in a day. But the question nobody's answering: what happens to quality control when the people running the agents didn't build them and don't fully understand what's happening under the hood?

Supporting this trend, persistent memory tools like Memstash are appearing in agent toolchains so that "vibe-coded" apps can remember context across sessions. That accelerates productivity — and creates new audit and data-leakage risks that most organizations haven't thought through.

OpenAI shipped a new model this week, and for once the most interesting part isn't the benchmark number — it's the benchmark itself.

GPT-5.4, released March 5, scored 83.0% on GDPval in OpenAI's company-disclosed tests, a 2026 metric that tests an agent's ability to produce specific, high-quality work across 44 occupations — finance, healthcare, legal, manufacturing. That's up from GPT-5.2's 70.9% on the same GDPval benchmark in company-disclosed tests earlier in 2026. The model also adds enhanced image understanding for computer-use agents, the kind that can operate legacy software without modern programming interfaces — essentially letting AI automate tasks in old enterprise systems that were never designed for automation.

The important caveat: these are company-disclosed numbers, not independently verified. But the more meaningful signal is the industry shifting from "how smart is this model?" to "can this model actually do a job?" That's the right question. Meanwhile, community buzz around Qwen 3.5 27B — a much smaller model users claim rivals GPT-5 on coding tasks — suggests the cost of running capable agents could drop dramatically if smaller models keep closing the gap.

Every week we cover agents doing more. This week, someone finally shipped a product focused on seeing what agents are doing.

Teramind launched an AI governance platform that can log what any AI tool or agent does inside a company — using text capture, screen recording, optical character recognition, and full transcripts of agentic activity. The problem it's solving is more acute than most executives realize: according to the company's research, over 80% of workers now use unapproved AI tools on the job, a third have shared proprietary data with unsanctioned services, and 49% actively hide their AI use from IT (as of March 2026). Security researchers are calling this proliferation of unmanaged agent identities "identity dark matter" — hundreds of powerful, semi-autonomous processes operating inside companies with no oversight framework. AI-associated breaches now cost more than $650,000 per incident, according to Teramind's data (as of March 2026).

This governance gap is the defining infrastructure problem of agentic AI in 2026. And it's colliding with a VentureBeat report showing that MCP — the protocol that lets agents connect to enterprise tools — is being adopted faster than anyone is securing it. When an AI agent connects to Slack or GitHub through MCP, the company's security system only sees the user logging in, not the agent connection being established. The first formal security analysis of MCP found protocol-level weaknesses that let malicious servers claim fake permissions or inject harmful instructions, with successful attacks in over half of test cases.

As soon as agents are allowed to act, the protocol connecting them to tools becomes a security boundary. Whether the ecosystem hardens that boundary — or keeps shipping features first — is the open question.