Future of Product #4 · Amsterdam

AI Agents:
Beyond the Demo.

Margot Schipper · Senior Account Executive · Cloudflare
The shift

We moved from training AI, to running it.
Now we let it act.

01
Training
02
Inference
03
Automation
ReasoningExecution
Anatomy of an agent
LLM
+
Workflow
+
API
=
Agent
the brain   +   the steps it runs   +   the tools it can use
Multi-agent orchestrationManager delegates: analyst, checker, planner
Feedback loopUser satisfaction: retry until yes
User
Instructions
Interpretation
& Reasoning
Workflow
Generation
Workflow
Execution
Iterative
Improvement
Output /
Outcome
working memory · context window
Context window

Context windows are finite.
Real tasks are not.

Actual Context Window 1M
Tool Definitions2.5M
System Prompt2K
Task
Conversation8K
Tool definitions alone exceed the entire window.
Tool calling

Post-mortem injection

Tool use is bolted on after the model is trained. It never actually learned these APIs, so it guesses.

Functional overlap

When tools expose similar schemas, the model blends them and invents parameters that do not exist.

11
placeholder image · swap later
But LLMs are very good at one thing: writing code.
The pivot

They are bad at calling tools. They are great at one thing: writing code.

Calling tools directly
modelcharge_invoice({…})
✕ wrong parameter, the task breaks
Writing code
// charge every overdue invoice
const overdue = await db.query("due < now() AND !paid")
for (const inv of overdue) {
  const r = await billing.charge(inv)
  if (!r.ok) await retry(inv)
}
✓ runs, retries, completes
  • Deterministic: loops, conditions, retries, error handling.
  • One program does what dozens of brittle tool-calls could not.
  • The tools stay out of the context window.
So where does all of this run, for hours or even days?

An agent is a durable identity, not a process.

wakes on
Message
Webhook
Scheduled alarm
Human approval
The agent
Reasoning
Write code
Execute
Built-in memory that survives restart, hibernation, deploys
Resumes exactly where it left off
Models
one model gateway: cost, caching, fallback
Tools & systems
called as code, through MCP, governed
It mostly waits, then wakes on demand. So what does that cost?
The economics

A container is a running machine. An isolate is just your code.

Containers

A whole machine: OS and runtime
Stays running to stay reachable
Cold start measured in seconds
Idle time still bills
10,000 agents, 10,000 instances

Isolates

Just your code, no OS
Wakes on demand, 0ms
Zero compute while idle
Nothing to manage
10,000 agents, pay for the active ones
For enterprises

Security is not a bolt-on. It is the prerequisite.

Shadow MCP

Unmanaged servers become governed, OAuth-scoped endpoints.

Zero Trust

Every agent request authenticated. Revoke, it stops instantly.

AI Gateway

One layer for cost, caching, and compliance on every model call.

Beyond the demo

Each answer leads to the next.

Context windows overflow. Tool calls break.
Have the model write code.
A durable execution environment: sandboxes and state.
Code must run somewhere. The agent must remember.
Now it can reach your tools and internal systems.
Zero Trust and MCP governance.
“I know what hyperscalers will look like in 10 years: exactly the same as they do now. I'm looking to Cloudflare to define what the next generation cloud looks like.
Mark Smith · Head of Infrastructure · Discord
Questions?
Come find me, I would love to chat.
Margot Schipper · Senior Account Executive · Cloudflare
01 / 09