8 Ways AI Agents Are Reshaping Engineering Teams and Workflows

Last Thursday, San Francisco hosted at least 10 events connecting AI startups with venture capitalists—a typical night in the city. But one stood out: Camp AI's 'Agents at Work' event, organized by Auth0. Companies like Browserbase, Mastra, Fireworks AI, Drata, Mya, MindFort, and Corridor showcased how they're rethinking engineering processes around AI agents. They shared both successes and challenges in restructuring their teams. Here are eight key insights from the event, distilled into actionable lessons for any engineering leader navigating this shift.

1. Smaller Teams, Bigger Impact

Paul Klein IV, founder and CEO of Browserbase, set the tone with a memorable line: 'If AI is not doing your whole job, it’s a skill issue at this point.' Abhi Aiyer, founder and CTO of Mastra, elaborated on the implications: teams that once required multiple engineers can now function with a single person. 'You can have one person run a whole feature project because they have an army of one to infinity AI agents behind them,' Aiyer explained. This shift allows organizations to execute larger scopes of work with dramatically smaller teams, but it also demands a different set of skills—namely, the ability to orchestrate and monitor AI agents effectively. Leaders must retrain their workforce to become agent managers rather than just coders.

2. The Bottleneck Moves From Code Generation to Review

Several panelists highlighted an emerging bottleneck: AI systems generate code faster than humans can safely review it. Aiyer noted that engineering teams are seeing a surge in pull requests, but review throughput hasn't kept pace. This imbalance can lead to quality issues and security risks. To address this, teams need automated review tools and clearer prioritization. The challenge is no longer about writing code—it's about maintaining quality control in a high-velocity environment. Without rethinking the review process, organizations risk shipping flawed software at an alarming rate.

3. Throttle AI Output Based on Risk

Klein stressed the importance of throttling experimental AI output. 'If you are in the critical path and customer facing, no slop,' he said. 'If you are not critical path, not customer facing, slop away.' This pragmatic approach means organizations should deploy AI agents cautiously in production environments but can afford more experimentation in internal tools or non-critical systems. By segmenting workflows based on risk, teams can embrace AI's speed without jeopardizing reliability. Implementing guardrails—like limiting the number of simultaneous agents or requiring human approval for high-risk actions—helps maintain safety.

4. Ownership Doesn't Disappear With AI

Trust and ownership are stumbling blocks for many teams adapting to AI agents. Rob Ferguson, VP of technology and strategy at Fireworks AI, made it clear: 'It doesn’t matter if you typed it or prompted it, you own it.' This principle means engineers must take full responsibility for code generated by AI. Organizations need to establish clear accountability frameworks—who reviews, who deploys, and who handles failures. Without this, teams may face blame-shifting or negligence. Leaders should emphasize that using AI tools doesn't absolve employees of their duty to ensure quality and security.

5. Observability and Accountability Are Non-Negotiable

Rob Ferguson also argued that observability becomes critical when agents operate autonomously. Teams must be able to trace every action an agent takes, from code commits to API calls. Without transparency, debugging becomes impossible, and trust erodes. Bhavin Shah, VP of AI product at Drata, echoed this: 'The agent is constantly telling the user, here is the action I’m taking, here is what I’ve done.' This level of auditability is essential for enterprise compliance. Tools that log agent decisions and flag anomalies can help teams stay in control while leveraging AI's efficiency.

6. Auditability Is a Must for Enterprise AI

Shah further emphasized that enterprise AI systems require detailed audit trails. When AI agents interact with sensitive data or make decisions that affect customers, every step must be logged and reviewable. This includes knowing which agent performed which action, with what permissions, and at what time. Organizations in regulated industries—like finance or healthcare—must build this into their architecture from day one. The alternative is a compliance nightmare. By designing agents to report their actions transparently, companies can satisfy auditors and also improve internal debugging.

7. Secure Authentication and Authorization for Agents

Auth0's demos showcased their new MCP authentication product, which reached general availability this week. It focuses on securing how AI agents interact with APIs and Model Context Protocol (MCP) servers. Monica Bajaj, SVP of engineering at Okta, stressed the importance of minimizing risk exposure as agents operate autonomously. Traditional user-based authentication models don't scale to agentic workflows. Instead, organizations need to assign fine-grained permissions to agents—ensuring they only access what's necessary. Short-lived tokens and context-aware authorization are key strategies to prevent unauthorized actions.

8. Avoid Long-Lived Tokens for Agent Operations

Bajaj also warned against using long-lived tokens for agent operations. 'How do we make sure that those tokens are not long-lived tokens?' she asked, highlighting a common security pitfall. Agents that execute tasks over extended periods require credentials that can be rotated or revoked easily. Implementing token expiration and automated credential management is critical. This prevents an exploited agent from compromising an entire system. Teams should adopt just-in-time access principles, granting permissions only when needed and revoking them immediately after task completion.

The 'Agents at Work' event made one thing clear: AI agents are already transforming engineering teams, but success depends on rethinking processes around review, ownership, security, and accountability. Leaders who embrace these changes can unlock unprecedented productivity—if they prepare their teams for the new challenges. From throttling output based on risk to securing agent tokens, the path forward requires both technical and cultural shifts. The companies that get this right will be the ones thriving in the age of agentic AI.