Research · Substack Thesis Validation
Back to sweepResearch sweep · deep · 2025 – present
AI Dark Code — Organisational Accountability and Control
AI-generated and agent-produced code ("dark code") in enterprise settings June 2025–April 2026: organisational accountability structures, failure and adaptation of established management frameworks, technical and governance controls, observability and discoverability of agent logic, and documented outcomes from early enterprise adoption.
- financial
- frontier
- academic
- vc
- substack
Synthesised 2026-04-13
Narrative
The Substack and practitioner-commentary lane reveals a field rapidly converging on a central thesis: AI-generated and agent-produced code ('dark code') has already escaped the boundaries of conventional enterprise governance, and the management frameworks built for human-authored software are failing in predictable but underaddressed ways. Multiple Substack authors (Secure Trajectories, Rock Cyber Musings, Platforms/AI/BigTech) and academic outlets (California Management Review, Journal of Management Studies, IJRSI) document the same structural breakdown: principal-agent theory, RACI accountability, and periodic human-review oversight all assume intentionality, episodic decision-making, and a human author traceable to every artefact. When production logic has no author — or when the 'author' is an LLM orchestration layer with no intent — these frameworks lose their foundational premise. The most cited empirical flashpoints are Microsoft's admission (April 2025, Satya Nadella) that 20-30% of code in some Microsoft repos is AI-generated with no reliable post-hoc detection method; a Fortune 50 enterprise analysis (September 2025) finding AI-assisted developers produce commits at 3-4x the rate but introduce security findings at 10x the rate; and Veracode's 2025 GenAI Code Security Report showing 45% of AI-generated code contains OWASP Top 10 vulnerabilities regardless of model generation. The governance response is nascent but accelerating: Singapore's IMDA launched the world's first national agentic AI governance framework on 22 January 2026, mandating agent identity management, human accountability checkpoints, and technical controls; NIST launched an AI Agent Standards Initiative in February 2026; and OpenAI, Anthropic, and Block co-founded the Agentic AI Foundation under the Linux Foundation in December 2025, donating AGENTS.md, MCP, and Goose as the first open standards infrastructure for agent provenance and interoperability. On the technical controls side, the emerging consensus centres on: policy-as-code with centralised logging, AI Bills of Materials, pre-commit hooks that threshold AI-generated code at >60% for enhanced review, and OpenTelemetry GenAI semantic conventions for runtime tracing of agent reasoning chains. However, the Rock Cyber Musings Substack post critically identifies that Singapore's human-in-the-loop checkpoint model is arithmetically unscalable for a mid-size enterprise running 50 agents at 20 tool calls per hour — a governance failure mode that the field has not yet resolved.
The observability and discoverability sub-theme shows the most technical maturity: OpenTelemetry's official AI agent framework semantic conventions are now the designated standard for interoperable agent telemetry, with auto-instrumentation packages available for OpenAI, Anthropic, LangChain, and LlamaIndex. Red Hat's April 2026 guide demonstrates production-grade distributed tracing across multi-agent workflows using MCP servers. However, a December 2025 arXiv survey described the agent data landscape as 'increasingly fragmented with loosely defined terminologies' — and Stéphane D.'s Substack documents that agent reasoning data is still being dumped into markdown files and vector databases without structured governance. The governance ownership question remains unresolved: the 2025 Agentic Identity Survey found agent identity ownership split between Security (39%), IT (32%), and an emerging AI Security function (13%), meaning no single function owns the dark-code risk in most enterprises. The unresolved claims in the Substack thesis concern: whether 'policy as code' and signed artefacts can substitute for human authorship as the accountability anchor; whether any enterprise has successfully reversed or paused an AI code generation initiative specifically due to audit failure (as opposed to security incidents); and whether classical stewardship theory — which assumes agent alignment with principal interests — is more applicable than adversarial principal-agent theory for agentic systems that lack intentional self-interest.
Sources
| ID | Title | Outlet | Date | Significance |
|---|---|---|---|---|
| s1 | From Autonomous to Accountable: Architecting the Insurable AI Agent | Secure Trajectories (Substack) | 2025-10 | Directly addresses enterprise accountability for agent-produced artefacts, arguing that agents must be governed like a new category of employee and that audit-log mandates (AIUC-1 control E015) are the key technical governance lever. |
| s2 | AI Agent Autonomy without Accountability is Dangerous | Astrolabium (Substack) | 2026-04 | Examines the accountability vacuum in agentic AI deployment, articulating the unresolved question of liability attribution when open-source or unsupervised agents cause harm — a core claim of the dark-code thesis. |
| s3 | Should PMs care about AI agents going rogue? | Malthi SS (Substack) | 2026-04 | Cites Singapore's January 2026 MGF and NIST's February 2026 AI Agent Standards Initiative as emerging governance anchors, and notes the agent governance market will grow from $340M in 2025 to $4.83B by 2034. |
| s4 | The Definitive Guide to AI Agents in 2025: Technical Implementation, Strategic Decisions, and Market Reality | Nate's Newsletter (Substack) | 2025-06 | Provides a practitioner desk-reference covering OpenTelemetry GenAI conventions, Wells Fargo's 245M-interaction case study, and enterprise-deployment decision trees for AI agent observability — directly relevant to the discoverability and telemetry lane. |
| s5 | AI Agents Produce a New Kind of Data. Are You Storing It? | Stéphane D. (Substack) | 2026-03 | Documents that enterprises are deploying 50+ agents with no shared memory or governance, and that OWASP lists memory poisoning as a top agentic risk for 2026, directly supporting claims about dark-code discoverability gaps. |
| s6 | The problem with agentic AI in 2025 | Platforms, AI, and the Economics of BigTech (Substack) | 2025-10 | Argues that RPA-trained practitioners impose outdated change-management mental models on agentic systems, limiting governance redesign — directly mapping to the management-theory-under-strain research angle. |
| s7 | Agentic AI Governance: Singapore Built the Skeleton, Not the Immune System | Rock Cyber Musings (Substack) | 2026-02 | Critiques Singapore's MGF, identifying that human-in-the-loop oversight at 'significant checkpoints' is arithmetically unscalable for enterprises running 50+ agents at 20 tool calls per hour — a key governance failure mode. |
| s8 | Rethinking AI Agents: A Principal-Agent Perspective | California Management Review | 2025-07 | Peer-reviewed management research applying principal-agent theory to AI agents, finding that generative AI agents exhibit 'surprising, unpredictable, and even erratic' behavior that undermines classical oversight and incentive mechanisms. |
| s9 | When AI Agents Act: Governance, Accountability, and… | International Journal of Research and Scientific Innovation | 2025-12 | Peer-reviewed paper arguing that accountability for AI agents must shift from intent-based to structure-based responsibility, and that current governance models cannot address decisions made by non-human actors persisting beyond a single manager's oversight. |
| s10 | Inherent and emergent liability issues in LLM-based agentic systems: a principal-agent perspective | arXiv | 2025-04 | Academic analysis showing LLM agents cannot form authentic principal-agent relationships due to flawed agency, and that agent failures should be treated as product liability — challenging enterprise RACI and accountability frameworks. |
| s11 | When AI Becomes an Agent of the Firm: Examining the Evolution of AI in Organizations Through an Agency Theory Lens | Journal of Management Studies | 2025-08 | Major management journal paper arguing that AI evolution fundamentally disrupts traditional agency monitoring patterns, requiring new institutional frameworks as AI moves from tool to autonomous decision-maker. |
| s12 | Governing the Agentic Enterprise: A New Operating Model for Autonomous AI at Scale | California Management Review | 2026-03 | Proposes an Agentic Operating Model where intelligence is deliberately fragmented to make accountability tractable, directly addressing failure modes when enterprises apply deterministic software governance to non-deterministic agent systems. |
| s13 | The Principal-Agent Problem We're Quietly Building into AI Agents | Medium | 2026-01 | Documents that organisations are placing AI agents on org charts and granting them authority over real decisions, noting a notable 2026 enterprise trend of 'policy as code' for agents paired with centralised logging as an emerging governance response. |
| s14 | Singapore: Governance Framework for Agentic AI Launched | Baker McKenzie | 2026-01 | Primary legal analysis of Singapore's January 2026 MGF, the world's first governance framework specifically designed for agentic AI, covering risk bounding, human accountability, technical controls, and end-user responsibility across the agent lifecycle. |
| s15 | New Model AI Governance Framework for Agentic AI – IMDA Press Release | Singapore IMDA (official) | 2026-01 | Primary source: Singapore's IMDA official launch announcement for the MGF for Agentic AI, establishing the first national accountability structure mandating human oversight, technical controls, and agent identity management. |
| s16 | OpenAI co-founds the Agentic AI Foundation under the Linux Foundation | OpenAI (official) | 2025-12 | Official OpenAI announcement that AGENTS.md has been adopted by 60,000+ open-source projects and that the AAIF provides neutral governance for agent interoperability standards — a direct institutional response to the fragmentation and provenance-tracking problem. |
| s17 | OpenAI, Anthropic, and Block join new Linux Foundation effort to standardize the AI agent era | TechCrunch | 2025-12 | Reports that the AAIF's goal includes 'shared safety patterns and interoperability' as well as vendor-neutral governance, framing it as an industry hedge against regulatory fragmentation for agent-generated artefacts. |
| s18 | Anthropic launches enterprise 'Agent Skills' and opens the standard | VentureBeat | 2025-12 | Documents governance questions raised by open-standard agent skills — long-term stewardship undefined, malicious skills could introduce vulnerabilities — directly illustrating the provenance and accountability gap for enterprise-deployed agent code. |
| s19 | Your Defense Code Is Already AI-Generated. Now What? | War on the Rocks | 2026-03 | Documents that Microsoft CEO Satya Nadella confirmed 20-30% of Microsoft repo code is AI-generated but that there is no reliable post-hoc method to detect it, establishing the provenance-blindness problem at the highest production scale. |
| s20 | Enterprise AI Governance Framework for Coding Assistants | Exceeds AI | 2026-03 | Practitioner framework showing that enterprises are deploying pre-commit hooks with AI-code thresholds (>60% AI-generated requires enhanced review), AI Bills of Materials, and DORA-metric audit trails as concrete dark-code governance controls. |
| s21 | AI Agent Observability – Evolving Standards and Best Practices | OpenTelemetry (official) | 2025-03 | Official OpenTelemetry documentation establishing that all AI agent frameworks must adopt the AI agent framework semantic convention for interoperability in observability data — the emerging standard for dark-code runtime inspectability. |
| s22 | Distributed tracing for agentic workflows with OpenTelemetry | Red Hat Developer | 2026-04 | April 2026 implementation guide demonstrating OpenTelemetry-based distributed tracing across multi-agent workflows (routing agents, specialist agents, MCP servers), directly addressing the observability and discoverability of agent logic in production. |
| s23 | Vibe Coding's Security Debt: The AI-Generated CVE Surge | Cloud Security Alliance Labs | 2026-04 | CSA empirical research finding that Fortune 50 enterprises using AI-assisted developers experience 10x more security findings alongside 3-4x velocity gains, documenting governance ownership fragmentation (Security 39%, IT 32%, AI Security 13%). |
| s24 | Vibe Coding Security Crisis: Credential Sprawl and SDLC Debt | Cloud Security Alliance Labs | 2026-04 | Shows AI-assisted commits expose secrets at more than twice the rate of human-only commits (3.2% vs 1.5%), with only 24% of organisations comprehensively reviewing AI-generated code — quantifying the dark-code audit gap. |
| s25 | As Coders Adopt AI Agents, Security Pitfalls Lurk in 2026 | Dark Reading | 2025-12 | Industry trade coverage confirming that 85% of developers now use AI coding tools regularly (JetBrains Oct 2025 survey of 25,000), while top-performing LLMs still produce insecure code 31-44% of the time under BaxBench benchmarks. |