Tun Shwe and Jeremy Frenay at Lenses argue that MCP servers fail in production not because of missing auth, but because teams expose agent-facing tools like human APIs. Security starts at interface design—fewer tools, constrained inputs, minimal data exposure—before a single line of OAuth code.

Simon Willison argues that coding agents become trustworthy when you stop reviewing their code line-by-line and start demanding proof: red-green TDD, runtime smoke tests, conformance suites, and sandboxed execution. The shift from human review to automated verification is what makes agent autonomy viable.

Amplifon built a centralized registry system for MCP servers and A2A agents across 26 countries and 10,000+ stores. The architecture—registries, metadata, blueprints, CI/CD-driven discovery—offers a concrete answer to the enterprise agent sprawl problem most organizations haven't started solving.

Deloitte's Tech Trends data shows 93% of enterprise AI spend goes to technology and tooling while just 7% funds culture, change management, and learning. Bill Briggs argues this imbalance directly explains why fewer than 30% of agentic pilots reach production at scale.

Stefano Fiorucci trained a small open-source model to outperform GPT-5 Mini at tic-tac-toe using reinforcement learning with verifiable rewards. The key lesson: environment design—reward signals, opponent calibration, batch sizing—determines whether RL training succeeds or collapses.