Notifications
Clear all
Topic starter
08/06/2026 4:46 pm
TL;DR: Agentic AI examples in Python show systems that accept goals, plan, adapt, and use tools across changing conditions, while deterministic scripts still require every path to be coded in advance, according to WorkOS. The control issue is not reasoning quality alone but governance over runtime decisions, privilege boundaries, and accountability when software starts acting like an identity-bearing executor.
NHIMG editorial — based on content published by WorkOS: Agentic AI Examples
Questions worth separating out
Q: How should security teams govern agentic AI examples in production?
A: Security teams should govern agentic AI examples as runtime identities with bounded delegation, not as ordinary automation.
Q: Why do agentic systems complicate least privilege?
A: Agentic systems complicate least privilege because the exact action sequence is not fixed in advance.
Q: What breaks when an AI agent can retry and widen scope on failure?
A: When an AI agent can retry and widen scope on failure, the original approval boundary stops being stable.
Practitioner guidance
- Inventory every agent-facing tool wrapper Map each API, shell, database, or SaaS action an agent can invoke, then classify the business impact of each call.
- Bound agent permissions by task scope Define what the agent may do for a specific job, then cap the available tools, datasets, and fallback paths to that scope.
- Log the full reasoning-to-action chain Capture prompts, intermediate decisions, tool selections, retries, and final outputs so auditors can reconstruct why the agent acted.
What's in the full article
WorkOS's full article covers the code-level examples and agent anatomy this post intentionally leaves for the source:
- The full Python examples for meeting planning, support triage, rollback, content ops, and research workflows.
- The five-pillar breakdown of goal input, memory, tool interface, reasoning loop, and fallback limits.
- The line-by-line comparison between deterministic scripts and agent loops that shows where branch logic gives way to runtime planning.
- The specific framework references used in the article, including LangGraph, AutoGen, CrewAI, DSPy, Agno, Dust, and Semantic Kernel.
👉 Read WorkOS's analysis of agentic AI examples in Python →
Agentic AI examples in Python: are your controls keeping up?
Explore further
08/06/2026 6:34 pm
Agentic AI examples create an assumption collapse in how IAM defines stable intent. Least privilege was designed for actors whose purpose can be inferred at provisioning time. That assumption fails when the actor decides what to do next at runtime, because the scope of access is not fully knowable before execution begins. The implication is that identity governance has to stop pretending intent is fixed when the executor is deciding in-session.
A few things that frame the scale:
- The average estimated time to remediate a leaked secret is 27 days, despite 75% of organisations expressing strong confidence in their secrets management capabilities, according to The State of Secrets in AppSec.
- Organisations maintain an average of 6 distinct secrets manager instances, creating fragmentation that undermines centralised control, according to The State of Secrets in AppSec.
A question worth separating out:
Q: What should teams do before giving an agent access to business tools?
A: Teams should classify each business tool by impact, add explicit allowlists for the agent’s permitted actions, and require human approval for irreversible operations. They should also test fallback paths, because escalation logic can expand privilege under failure. If the agent can touch calendars, tickets, or deployment systems, treat the access as privileged and auditable.
👉 Read our full editorial: Agentic AI examples in Python reveal the limits of deterministic code
