Foundations
Foundations
Why Agent Infrastructure Starts Empty
In a single week this April, Google, AWS, Cloudflare, and CIS independently shipped agent infrastructure built around the same architectural choice. None coordinated. All converged. At the same time, roughly 200,000 MCP servers sat exposed to arbitrary code execution — and the protocol's creator called it "expected behavior." Cloud infrastructure has followed the same sequence for nearly two decades: provision compute, then figure out security. Agent workloads appear to have broken that sequence. What replaced it is a different starting point entirely.
Why Agent Infrastructure Starts Empty
In a single week this April, Google, AWS, Cloudflare, and CIS independently shipped agent infrastructure built around the same architectural choice. None coordinated. All converged. At the same time, roughly 200,000 MCP servers sat exposed to arbitrary code execution — and the protocol's creator called it "expected behavior." Cloud infrastructure has followed the same sequence for nearly two decades: provision compute, then figure out security. Agent workloads appear to have broken that sequence. What replaced it is a different starting point entirely.
What Happens When the Sandbox Costs More Than the Work Inside It
A container takes hundreds of milliseconds to start and hundreds of megabytes to hold. For a web service that runs for weeks, nobody notices. But Cloudflare's rough math puts the near-term agent future at 24 million simultaneous sessions, each spawning streams of isolated tasks that live for a few milliseconds and die. At that cadence, spinning up the execution environment takes longer than the work inside it.
Infrastructure teams are used to optimizing what runs inside the sandbox. Agent workloads may be turning that assumption on its head. The choice of sandboxing primitive locks in per-unit costs before a single line of code runs.
What Happens When the Sandbox Costs More Than the Work Inside It
Acontainer takes hundreds of milliseconds to start and hundreds of megabytes to hold. For a web service that runs for weeks, nobody notices. But Cloudflare's rough math puts the near-term agent future at 24 million simultaneous sessions, each spawning streams of isolated tasks that live for a few milliseconds and die. At that cadence, spinning up the execution environment takes longer than the work inside it.
Infrastructure teams are used to optimizing what runs inside the sandbox. Agent workloads may be turning that assumption on its head. The choice of sandboxing primitive locks in per-unit costs before a single line of code runs.
Further Reading
