Challenges in AI Agent Interoperability

Agent to Agent communication between software will be the biggest unlock of AI. Right now most AI products are limited to what they know, what they index from other systems in a clunky way, or what existing APIs they interact with. The future will be systems that can talk to each other via their Agents. A Salesforce Agent will pull data from a Box Agent, a ServiceNow Agent will orchestrate a workflow between Agents from different SaaS products. And so on. We know that any given AI system can only know so much about any given topic. The proprietary data most for most tasks or workflows is often housed in many multiple apps that one AI Agent needs access to. Today, the de facto model of software integrations in AI is one primary AI Agent interacting with the APIs of another system. This is a great model, and we will see 1,000X growth of API usage like this in the future. But it also means the agentic logic is assumed to all roll into the first system. This runs into challenges when the second system can deliver a far wider range of processing the request than the first Agent can anticipate. This is where Agent to Agent communication comes in. One Agent will do a handshake with another Agent and ask that Agent to complete whatever tasks it’s looking for. That second Agent goes off and does some busy work in its system and then returns with a response to the first system. That first agent then synthesizes the answers and data as appropriate for the task it was trying to accomplish. Unsurprisingly, this is how work already happens today in an analog format. Now, as an industry, we have plenty to work out of course. Firstly, we need better understanding of what any given Agent is capable of and what kind of tasks you can send to it. Latency will also be a huge challenge, as one request from the primary AI Agent will fan out to other Agents, and you will wait on those other systems to process their agentic workflows (over time this just gets solved with cheaper and faster AI). And we also have to figure out seamless auth between Agents and other ways of communicating on behalf of the user. Solving this is going to lead to an incredible amount of growth of AI Agents in the future. We’re working on this right now at Box with many partners, and excited to keep sharing how it all comes evolves.

OWASP GenAI Security Project Drop! 𝗧𝗟;𝗗𝗥 The team released “Agent Name Service (ANS) for Secure AI Agent Discovery,” and it proposes a DNS-inspired registry that gives every AI agent a cryptographically verifiable “passport.” By combining PKI-signed identities with a structured naming convention, ANS enables agents built on Google’s A2A, Anthropic’s MCP, IBM’s ACP, and future protocols to discover, trust, and interact with one another through a single, protocol-agnostic directory. The paper details the architecture, registration/renewal lifecycle, threat model, and governance challenges, positioning ANS as foundational infrastructure for a scalable and secure multi-agent ecosystem. 𝗛𝗲𝗿𝗲 𝗶𝘀 𝘁𝗵𝗲 𝗽𝗮𝗶𝗻 𝗔𝗡𝗦 𝘀𝗼𝗹𝘃𝗲𝘀:  Fragmented AI agents, ad-hoc naming, and zero verification. Shadow agents, spoofed endpoints, and long integration cycles 𝗛𝗼𝘄? Through a universal, PKI-backed directory where every agent presents a verifiable identity, advertises its capabilities, and can be resolved in milliseconds. This reduces integration risk and boosting time-to-value for autonomous workflows. 𝗧𝗵𝗲 𝘁𝗲𝗮𝗺 𝗺𝗮𝗻𝗮𝗴𝗲𝗱 𝘁𝗼:  • Formalize a DNS-style naming schema tied to semantic versioning  • Allow embedded X.509 certificate issuance & renewal directly into the registry lifecycle  • Add protocol adapters (A2A, MCP, ACP) so heterogeneous agents register and resolve the same way PKI trust chain + semantic names + adapter layer = a secure, interoperable agent ecosystem. Ken Huang, CISSP, Vineeth Sai Narajala, Idan Habler, PhD, Akram Sheriff Alejandro Saucedo, Apostol Vassilev, Chris Hughes, Hyrum Anderson, Steve Wilson, Scott Clinton, Vasilios Mavroudis, Josh C., Egor Pushkin John Sotiropoulos, Ron F. Del Rosario

The widespread use of intelligent agents across all software platforms is becoming common, but it's one that brings with it immense complexity for technology leaders. This a fundamental shift that will create new challenges in technical architecture, user experience, security, and business ethics. Technical Complexity: The "API Hell" of today, where we struggle to make different software systems communicate, will seem trivial compared to the Agent Interoperability Nightmare. Imagine an ecosystem where a Salesforce agent needs to talk to a Slack agent, a Mailchimp agent, and an Asana agent to complete a single task. There is currently no robust communication standard, no "HTTP for AIs," to govern these interactions. Without it, we'll face chaotic, brittle systems prone to failure. This proliferation of autonomous agents will also create a Single Source of Truth Problem on Steroids. With dozens of agents reading and writing data simultaneously, what happens when a HubSpot agent and a Salesforce agent update the same customer record at the same time with conflicting information? This will lead to data inconsistencies and "data phantoms," requiring incredibly sophisticated new methods to keep data synchronized. UX and Trust Complexity: From a user's perspective, the autonomy that makes these agents so powerful also makes them terrifying. This will create a Delegation vs. Control Paradox. Users will constantly be asking themselves how much power to give their agents. Grant too few permissions, and the agent is useless; grant too many, and you risk a catastrophic mistake. New user interfaces will be needed to provide "leashes" and granular control over agent actions. Another major challenge is the Black Box of "Why?" When an agent makes a decision you don't understand—like archiving a project or reassigning a lead—the first question will always be, "Why did you do that?" Every provider will need to build a robust "explainability interface" that shows the agent's reasoning. Without this, users will never fully trust their digital counterparts. Security and Data Governance Complexity The security implications of agents are staggering. A single compromised agent could be the ultimate prize for hackers. If an agent has authentication tokens for 20 different SaaS platforms, a hacker only needs to breach one system, creating a single point of failure with an enormous blast radius. We also face the risk of Data Leakage and Cross-Contamination. Business and Ethical Complexity: When agents start making autonomous business decisions, the complexity moves into the courtroom and the boardroom. The issue of Attribution and Accountability will be a legal quagmire. The proliferation of AI agents isn't just about building a smart tool; it's about building a responsible, secure, and interoperable ecosystem of agents. These challenges also bring with it plenty of opportunities and will create new job categories within technology functions.

🌍 𝐰𝐡𝐚𝐭 𝐓𝐂𝐏/𝐈𝐏 𝐝𝐢𝐝 𝐟𝐨𝐫 𝐭𝐡𝐞 𝐢𝐧𝐭𝐞𝐫𝐧𝐞𝐭, 𝐚𝐠𝐞𝐧𝐭 𝐩𝐫𝐨𝐭𝐨𝐜𝐨𝐥𝐬 𝐰𝐢𝐥𝐥 𝐝𝐨 𝐟𝐨𝐫 𝐀𝐈… if you're excited about the future of AI agents - I highly recommend reading this 𝐜𝐨𝐦𝐩𝐫𝐞𝐡𝐞𝐧𝐬𝐢𝐯𝐞 𝐬𝐮𝐫𝐯𝐞𝐲 𝐨𝐧 𝐀𝐈 𝐚𝐠𝐞𝐧𝐭 𝐩𝐫𝐨𝐭𝐨𝐜𝐨𝐥𝐬. it’s one of the most thoughtful papers that highlights how fragmented the agent ecosystem is — and how standard protocols could change everything. today, LLM agents are being deployed across industries. but they often can’t collaborate, scale, or even plug into the same toolsets — because we lack a shared communication framework. 🔑 this paper offers: - a 2x2 taxonomy of protocols (context-oriented vs inter-agent; general-purpose vs domain-specific) - a review of key players (MCP, A2A, ANP) and how they differ on security, latency, extensibility - a vision for the future: layered architectures, privacy-aware design, and infrastructure for collective intelligence 🚧 but we’re still early: - no universally adopted standard—yet - security and trust between agents remain unsolved - tools and APIs vary wildly, creating high integration costs well, this is the classic challenge of platform transitions. we saw it with the web, with mobile, and now with AI agents. the technology is powerful, but it’s the infrastructure—the protocols—that determine whether it scales. 💡 my takeaway: if we want autonomous agents that solve real-world problems, we need to invest in open, interoperable standards—not just better models. link in the comments below 👇 #AI #LLMAgents #AgentProtocols #AIInfrastructure #CollectiveIntelligence

𝗧𝗵𝗲 𝗵𝗶𝗱𝗱𝗲𝗻 𝗰𝗼𝘀𝘁 𝗼𝗳 𝗶𝗻𝘁𝗲𝗴𝗿𝗮𝘁𝗶𝗼𝗻 𝗰𝗼𝗺𝗽𝗹𝗲𝘅𝗶𝘁𝘆 𝗶𝗻 𝗔𝗜 𝘀𝘆𝘀𝘁𝗲𝗺𝘀 As you scale your enabled systems and integrate multiple AI models (like ChatGPT, Claude, Gemini, etc.) with enterprise tools—CRM, analytics, internal apps—something critical breaks: 𝗶𝗻𝘁𝗲𝗿𝗼𝗽𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝘆. This is where the 𝗠𝗼𝗱𝗲𝗹 𝗖𝗼𝗻𝘁𝗲𝘅𝘁 𝗣𝗿𝗼𝘁𝗼𝗰𝗼𝗹 (𝗠𝗖𝗣) comes in. 𝗪𝗶𝘁𝗵𝗼𝘂𝘁 𝗠𝗖𝗣: Each AI agent needs a separate integration with each tool—resulting in an exponential 𝙼 × 𝙽 mess. 𝗪𝗶𝘁𝗵 𝗠𝗖𝗣: A single protocol acts as a unifying layer. Each model and system integrates once with MCP—bringing order, efficiency, and scalability. Now it's simply 𝙼 + 𝙽. This is not just cleaner architecture—it’s 𝗔𝗜 𝗲𝗻𝗴𝗶𝗻𝗲𝗲𝗿𝗶𝗻𝗴 𝗮𝘁 𝘀𝗰𝗮𝗹𝗲. I've visualized this transition in the image below to make the value of MCP clear for technical and non-technical teams alike. What do you think—are we heading toward an AI future where 𝗽𝗿𝗼𝘁𝗼𝗰𝗼𝗹-𝗳𝗶𝗿𝘀𝘁 𝗱𝗲𝘀𝗶𝗴𝗻 becomes standard?

The operating principles of Enterprise AI: 1/ Enterprise AI won’t be centralized; it’ll be a choreography of agents across your stack. 2/ AI adoption won’t fail because of models. It’ll fail because of interoperability. 3/ MCPs and Agent-to-Agent standards will become the TCP/IP of enterprise AI. 4/ Agent-to-agent coordination is the enterprise glue of the AI era. 5/ Orchestration will shift from rule-based to context-based: dynamic, adaptive, truly intelligent. 6/ Agent networks will decide who leads based on intent, not hierarchy. 7/ Salesforce, Workday, Box... each will own its workflow, but not the full customer journey. 8/ The monolith is dead. Long live the mesh of intelligent agents. 9/ Agents are not products. They’re participants in workflows. 10/ Composable AI is like Lego for workflows. You bring your blocks. The system will build itself. 11/ AI is no longer a layer; it’s the fabric stitching the enterprise together. 12/ AgentOps will become the new DevOps. 13/ You won’t debug code, you’ll debug conversations between agents. 14/ Legacy IT is already struggling. Agent-based architectures will widen the gap. 15/ Building an agent is easy. Getting 50 to work together is not. 16/ Enterprise IT isn’t ready. Most data isn’t even accessible, let alone AI-ready. 17/ Agent networks will force a reckoning with your data infrastructure. 18/ Horizontal agent orchestration will emerge when no clear system owns the workflow. 19/ Agent interactions will need the same auditability and traceability as financial systems. 20/ You’ll need governance not just over data, but over agent behavior. 21/ How your agents reason will be subject to compliance. 22/ An agent is only as trustworthy as the data it’s trained on. 23/ The battle for AI supremacy will be won in orchestration, not inference. 24/ Vertical agents will dominate first. Horizontal orchestration will follow.