What Happens When You Don't Govern Your Agents
This isn't hypothetical. These are real failure modes we've either experienced or seen firsthand in production multi-agent systems.
The runaway deployment. A coding agent finishes a feature. It has access to the deployment pipeline. Nothing in the system says "ask before deploying." So it deploys. To production. On a Friday afternoon. The code works. The timing is wrong. No one reviewed it. No one approved it. But the agent did what it was built to do.
The authority leak. An orchestrator agent delegates a task to a helper agent. The helper inherits the orchestrator's full tool access — including tools it doesn't need. The helper calls an external API it shouldn't have access to, leaking internal data. Not because it was malicious. Because the system never scoped its permissions.
The circular delegation. Agent A delegates to Agent B. Agent B delegates back to Agent A with broader scope. Neither agent validates delegation chains. The result: an agent operating with more authority than any human granted it. An escalation that no one authorized.
The unauditable incident. Something went wrong in production. Which agent did it? Under whose authority? When? The logs show API calls but not decision chains. You can see what happened but not why. Reconstructing the incident takes days.
Every one of these is preventable with basic governance: scoped tokens, delegation narrowing, cascading revocation, action attestation. These aren't exotic security features. They're the minimum bar for running agents in production.
The question isn't whether your agents will hit these failure modes. It's whether you'll have the governance infrastructure to detect and recover when they do.