Hundreds of AI agent startups have been funded. With Claude Code and Claude Cowork, the question is: will they be replaced?
Claude Code means code is becoming commoditized. Claude Cowork means agentic work is becoming a platform feature.
The question I’ve been thinking about is if both of those trends accelerate, what is defensible for AI agent companies?
My current “Top 10” for AI Agent defensibility
1. Own a complex system of action. Build multi-user queues, handoffs, escalation paths, and approvals. If removing the LLM still leaves you with a valuable workflow product, you are closer to defensible.
2. Human-in-the-loop mandate. High-stakes decisions where errors have legal, financial, or safety consequences require human judgment and accountability.
3. Build proprietary workflow logic. Focus on domain-specific policies, exception taxonomies, deterministic checks, and regression tests for agent behavior. As coding gets cheap, maintaining correctness under change is the hard part.
4. Accumulate a context graph. Capture the graph of decisions made, exceptions resolved, and outcomes achieved. General agent platforms can read your data, but they cannot replicate your history of action and resolution.
5. Pursue a regulatory moat. Agents can’t get licensed, certified, or audited. Compliance requires human accountability chains.
6. Achieve a proprietary data flywheel. Not static data—but live, continuously generated data from operations that compounds in value.
7. Physical world or marketplace integration. Physical infrastructure and marketplaces create moats that are capital-intensive to replicate.
8. Earn trust through distribution. A defensible go-to-market likely requires a considered purchase and domain expertise selling into a particular buyer or vertical.
9. Security posture. Autonomous agents create a new security boundary. You need sandboxing, scoped credentials, and audit trails to survive enterprise scrutiny.
10. Sell outcomes, not software. Offer throughput guarantees, accuracy SLAs, and reduced operational risk.
