Future of Product #4 · Amsterdam

AI Agents:
Beyond the Demo.

Margot Schipper · Senior Account Executive · Cloudflare
The shift

We moved from training AI, to running it.
Now we let it act.

01
Training
02
Inference
03
Automation
ReasoningExecution
Anyone can build the demo. Running it is the hard part.
Definitions

What an agent is, and what it is not.

Chatbot
Answers your questions.
Co-pilot
Helps you do the work.
Workflow
Runs a fixed script.
LLM
+
Workflow
+
API
=
Agent
Context window

Everything has to fit in one window.

Context window 1M
Tool Definitions2.5M
System Prompt2K
Task3K
Conversation8K
Tool calling

To an agent, your tools are a foreign language.

90% per call × 10 calls = 35% finish clean
Hand Fred a tool he has never used and he guesses. Over a whole task the guesses compound, so two tasks in three fail, and you never see it happen.
But it speaks one language fluently: code.
The pivot

Do not make it call your tools. Let it write the code.

Calling tools
the model runs every step✕ slow, and the errors compound
Writing code
// charge every overdue invoice
const overdue = await db.query("due < now() AND !paid")
for (const inv of overdue) {
  const r = await billing.charge(inv)
  if (!r.ok) await retry(inv)
}
✓ the model writes once, the computer runs the rest
  • Code is its native tongue.
  • The computer runs the loop, not the model.
  • 150,000 tokens of tools become 2,000.
So where does that code run, for hours or even days?

A brilliant mind still needs an office.

Wakes
A message
A webhook
A scheduled alarm
A human approval
Works
Fred, the mind
Reason
Write code
Run
in a safe room of its own
Remembers
Built-in memory
Survives restarts and deploys
Resumes exactly where it stopped
It mostly waits, then wakes on demand. So what does that cost?
Pay for work, not waiting

You pay Fred for fingers on the keyboard, not the coffee.

10,000 agents, mostly idle. You pay for the 100 doing the work.
For enterprises

An agent is an identity. Secure it like one.

The same questions you would ask any new hire with a key.

Who is it?

A governed identity, not a script run from a laptop.

Which doors open?

Only the systems its job needs. Nothing else.

What did it touch?

Every action authenticated and logged.

Can you shut it off?

Revoke access and it stops mid-task, instantly.

“I know what hyperscalers will look like in 10 years: exactly the same as they do now. I'm looking to Cloudflare to define what the next generation cloud looks like.
Mark Smith · Head of Infrastructure · Discord
Questions?
Come say hi after the talk, and let's stay in touch.
Connect on LinkedInlinkedin.com/in/marschip
Ready to start building?cloudflare.com/startups
01 / 09