TL;DR: AI-generated code is shifting the delivery bottleneck downstream, making testing, security scanning, deployment verification, and rollback automation the real control points as software moves to production, according to WorkOS’s interview with Harness CEO Jyoti Bansal. Static CI/CD pipelines no longer match machine-speed development, and delivery governance now has to adapt to AI-generated change volume.
At a glance
What this is: This interview argues that AI-native software delivery changes the bottleneck in the pipeline from code creation to testing, verification, and rollback decisions.
Why it matters: IAM, NHI, and platform security teams should care because autonomous code producers change how access, approvals, and production change-control assumptions hold up in practice.
👉 Read WorkOS's interview on AI-native software delivery and AI agents
Context
AI-native software delivery is the shift from static pipeline execution to delivery systems that can make decisions about testing, deployment, and rollback based on code-change context. The primary governance issue is not code generation itself, but what happens when machine-speed change volume outpaces human-paced review and release controls.
For identity and access teams, this matters because software delivery pipelines increasingly act as non-human identity actors with broad tool access. When those actors are coupled to AI-generated code and agent-driven workflows, the security question becomes how to govern machine-to-machine authority without assuming a human operator is present at every decision point.
Key questions
Q: How should security teams govern AI-native CI/CD pipelines?
A: Security teams should govern AI-native CI/CD pipelines by treating test selection, deployment approval, and rollback authority as policy decisions, not engineering defaults. The key is to define which actions can happen automatically, which require human oversight, and which need extra verification when code volume rises faster than review capacity.
Q: Why do AI agents change delivery governance assumptions?
A: AI agents change delivery governance because they can generate and move code at machine speed, while many CI/CD controls still assume a human-paced workflow. That breaks the old expectation that review, approval, and rollback decisions will always happen after a person has had time to intervene.
Q: What breaks when CI/CD pipelines rely on static YAML alone?
A: Static YAML breaks down when release conditions change dynamically, because a fixed workflow cannot always reflect real-time risk, code impact, or production health. Teams then end up with pipelines that execute correctly but govern poorly, especially when AI-generated changes arrive continuously.
Q: How do teams decide when to automate rollback versus require approval?
A: Teams should automate rollback only when the telemetry is reliable, thresholds are explicit, and the blast radius is tightly bounded. If those conditions are weak, rollback should require human approval so the release process does not amplify bad signals into unnecessary production disruption.
Technical breakdown
AI-native delivery pipelines and risk-based test selection
AI-native delivery systems do more than execute a fixed YAML workflow. They can inspect the code change, infer which components are affected, and choose a smaller or different test set based on that context. That is a major architectural shift because the pipeline is no longer just a scheduler of predefined steps. It becomes a decision layer that balances speed, confidence, and blast radius. The delivery system may also use historical deployment outcomes to adjust its choices over time. That reduces wasted compute and release friction, but it also means release assurance depends on the quality of the decision model, not only the correctness of the pipeline definition.
Practical implication: Treat test selection logic as a governed control surface, not just a build optimization.
Canary deployments, rollback automation, and continuous verification
Canary release patterns shift traffic gradually and observe real-time health signals before broad rollout. In an AI-native model, the same system can use telemetry to decide when to continue, pause, or auto-rollback without waiting for manual intervention. That works only if the signal quality is strong enough to distinguish normal variance from genuine degradation. The architecture therefore depends on monitoring, thresholds, and rollback triggers that are tightly coupled to production observability. This is not simply automation. It is decision-making at deployment time, where the system acts on live feedback rather than a prewritten schedule.
Practical implication: Define rollback authority, thresholds, and escalation paths before allowing automated deployment decisions.
Agent-driven code delivery and static pipeline limits
When AI agents generate, review, test, and deploy code, the delivery pipeline becomes a machine-speed coordination layer for multiple non-human actors. A static pipeline designed around human commit cadence assumes the person writing the code is also the person approving the release. That assumption weakens when commits arrive continuously from agents that can iterate, retry, and resubmit changes faster than review cycles can keep up. The governance challenge is not just more automation, but more independent action inside the delivery chain. At that point, access scope, approval logic, and release responsibility all need to be understood as part of one operating model.
Practical implication: Map every autonomous step in the delivery chain to a named owner and a bounded authority scope.
Breaches seen in the wild
- Reviewdog GitHub Action supply chain attack — reviewdog/action-setup GitHub Action supply chain attack exposed secrets.
- CI/CD pipeline exploitation case study — full server takeover via exposed .git directory and mismanaged CI/CD pipeline secrets.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
AI-native delivery turns CI/CD into an identity governance problem. Once AI systems can generate meaningful production code and participate in testing and deployment, the delivery pipeline starts behaving like a non-human identity with broad delegated authority. That means access scope, approval gates, and rollback rights are no longer just engineering concerns. They become governance questions about who or what is allowed to move change into production, and under what controls. Practitioners should stop treating the pipeline as a neutral transport layer and start treating it as an identity-bearing actor.
Static pipeline assumptions were built for human-paced change, not machine-speed iteration. The familiar model assumes a developer writes code, a reviewer inspects it, and the pipeline executes after human checkpoints. That assumption weakens when AI agents can generate, test, and resubmit code continuously. The implication is that release governance now has to account for non-human timing, not only non-human access. Teams should re-evaluate where their approval logic depends on a human operating rhythm that no longer exists.
Risk-based deployment control is becoming the real policy boundary. In an AI-native pipeline, the critical decision is not whether a job runs, but whether the system can safely interpret change impact and act on it. That elevates test selection, canary logic, and rollback automation into policy-enforced controls rather than engineering conveniences. The practical conclusion is that delivery governance will increasingly be judged by how well it constrains blast radius, not by how many deployment steps it automates.
AI-generated code volume exposes a delivery governance gap, not just a productivity gain. The article frames speed as the obvious benefit, but the deeper issue is control debt. When the number of changes rises faster than review and verification capacity, oversight becomes selective rather than comprehensive. Practitioners should read this as a signal to rethink release accountability, because the bottleneck has moved from coding to governed promotion into production.
Machine-speed delivery will force tighter alignment between IAM, CI/CD, and observability. The more decisions the pipeline makes on its own, the more important it becomes to tie access rights, change approvals, and health telemetry into one governance chain. That is especially true when AI agents participate across multiple stages of delivery. Identity teams should expect CI/CD controls to look less like static build permissions and more like runtime authorization for production change.
From our research:
- The average estimated time to remediate a leaked secret is 27 days, despite 75% of organisations expressing strong confidence in their secrets management capabilities, according to The State of Secrets in AppSec.
- Organisations maintain an average of 6 distinct secrets manager instances, creating fragmentation that undermines centralised control.
- If delivery pipelines are increasingly shaped by machine-speed change, the Guide to the Secret Sprawl Challenge helps teams think about the governance debt that accumulates when access controls, secrets, and release workflows drift apart.
What this signals
AI-native delivery will push IAM teams toward runtime governance for change promotion, not just build-time permissions. As AI agents participate more deeply in software delivery, the question becomes whether access rights are scoped to a workflow step or to the broader decision to move code into production. That shift makes change-control, observability, and identity governance part of the same control plane, especially when release decisions happen faster than human review cycles can respond.
The practical signal for programme owners is that pipeline identity has to be managed like any other non-human identity. If delivery tooling can generate code, trigger tests, and roll back releases, then entitlement reviews must cover those actions explicitly rather than assuming inherited trust from the engineering platform. The NIST Cybersecurity Framework 2.0 remains a useful anchor for aligning protect, detect, respond, and recover functions around these machine-speed release paths.
For practitioners
- Define pipeline authority boundaries Document exactly which delivery decisions are machine-driven, which require human approval, and which can be auto-executed based on live telemetry.
- Govern test selection as a control Review whether code-change analysis is allowed to skip tests, and require evidence for the rules that decide test scope in each release path.
- Bound automated rollback rights Set explicit thresholds for rollback triggers, define who can override them, and validate that the system can stop promotion before blast radius expands.
- Map AI agent participation in the delivery chain List every point where an AI agent can generate, review, approve, or deploy code, then assign an accountable owner to each step.
Key takeaways
- AI-native software delivery shifts the governance problem from coding speed to controlled promotion into production.
- When AI agents participate in release workflows, static approval models based on human timing lose much of their practical value.
- Delivery teams need explicit authority boundaries for tests, canaries, and rollback so machine-speed change does not outrun oversight.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Agentic AI Top 10 and OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Agentic AI Top 10 | AI agents participating in delivery decisions fit agentic runtime governance concerns. | |
| OWASP Non-Human Identity Top 10 | NHI-02 | Pipeline tooling and agents act as non-human identities with delegated access. |
| NIST CSF 2.0 | PR.AC-4 | Release permissions and change promotion depend on least-privilege access management. |
Define which delivery actions an agent may take and require bounded authority for production change.
Key terms
- AI-native software delivery: A delivery model where AI systems participate in pipeline decisions rather than only assisting people. The platform uses change context, telemetry, and historical outcomes to choose tests, manage rollout, and trigger rollback, which makes governance dependent on decision quality as well as execution.
- Delivery pipeline identity: The set of non-human identities and permissions that allow build, test, deploy, and rollback systems to move software into production. In practice, it includes service accounts, tokens, and agent permissions that must be governed like any other privileged non-human access.
- Risk-based test selection: A method of choosing tests based on which parts of the code actually changed and what those changes could affect. It reduces unnecessary execution, but it also creates a governance dependency on the accuracy of the change-impact logic that decides what gets tested.
- Automated rollback: A release control that reverses or halts deployment when live signals show degradation. It is only reliable when thresholds, monitoring, and authority boundaries are explicit, because an automatic rollback can either save production or amplify false positives if the signal quality is poor.
Deepen your knowledge
AI-native software delivery and pipeline governance are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are managing CI/CD systems that now involve AI agents, it is worth exploring.
This post draws on content published by WorkOS: Jyoti Bansal on how Harness is rethinking AI for software delivery. Read the original.
Published by the NHIMG editorial team on 2026-04-15.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org
