As agents spread through enterprise applications, companies that do not build inventories, identities, permissions, and lifecycle controls will rediscover shadow IT at machine speed.
Agent Sprawl Will Be the Next Shadow IT
Enterprise AI agents are going to spread faster than most governance teams expect.
Not because every agent will be sophisticated. Many will be simple, narrow, and embedded inside software employees already use. That is exactly why sprawl will be hard to see.
Gartner has projected that the average Global Fortune 500 enterprise could have more than 150,000 agents in use by 2028, up from fewer than 15 in 2025. Gartner also reported that only 13% of organizations think they have the right AI agent governance in place.
Even if the exact number varies by company, the direction is obvious.
Agent sprawl is coming.
This Will Not Look Like One Big AI Rollout
Shadow IT did not happen because employees woke up wanting architectural fragmentation. It happened because useful tools were easier to adopt than sanctioned systems were to improve.
Agent sprawl will follow the same pattern.
A sales team enables an embedded assistant. A finance team builds a reconciliation agent. A product team connects a coding agent to issue workflows. HR adopts an employee-service agent. Customer support experiments with automatic triage. Analysts create document agents inside collaboration tools.
Each local decision looks reasonable.
The aggregate system becomes opaque.
The risk is not only that agents exist. The risk is that nobody can answer basic questions:
Which agents are active?
Who owns them?
What can they access?
What actions can they take?
Which data do they retain?
How are they monitored?
When should they be retired?
If those answers are missing, the organization has shadow AI.
Blocking Will Not Work
The least useful response is blanket restriction.
Employees will use agents because the tools are arriving inside everyday software and because the productivity pressure is real. If official channels are slow, people will route around them.
That does not mean companies should allow everything. It means governance has to provide a usable path.
The goal is not "no agents."
The goal is known agents, owned agents, scoped agents, monitored agents, and retired agents when they no longer serve a purpose.
Agent Identity Becomes Core Infrastructure
One of the biggest governance mistakes will be treating agents as features instead of actors.
Agents need identity.
They may act on behalf of a user, a team, a workflow, or a system account. Each pattern has different implications. If an agent changes a record, sends a message, retrieves a document, or triggers a workflow, the organization needs to know whether the action came from the user, the agent, or both.
Without agent identity, audit trails collapse into ambiguity.
That makes permissioning, incident response, and accountability much harder than they need to be.
Inventory Is the First Control
Before advanced AI governance, companies need basic inventory.
An agent inventory should track:
owner,
purpose,
connected systems,
data access,
permitted actions,
model or provider dependencies,
evaluation status,
last activity,
and retirement date or review cadence.
This is not glamorous work. It is the foundation that makes every other control possible.
You cannot govern what you cannot name.
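One way to make the inventory checkable, as an added example that is not code from this article or from Gaia: a Python audit that flags records missing the fields listed above, overdue for review, or dormant while still holding access. The field names, the 90-day staleness threshold, and the sample records are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import date, timedelta
from typing import Optional

# Fields the inventory list above asks for on every agent (names are assumed).
REQUIRED = ("owner", "purpose", "connected_systems", "data_access",
            "permitted_actions", "provider", "evaluation_status")

@dataclass
class AgentRecord:
    agent_id: str
    owner: str = ""
    purpose: str = ""
    connected_systems: list = field(default_factory=list)
    data_access: list = field(default_factory=list)
    permitted_actions: list = field(default_factory=list)
    provider: str = ""                      # model or provider dependency
    evaluation_status: str = ""
    last_activity: Optional[date] = None
    review_due: Optional[date] = None       # retirement date or next review

def audit(rec, today, stale_after_days=90):
    """Return the governance findings for one inventory record."""
    findings = [f"missing:{name}" for name in REQUIRED if not getattr(rec, name)]
    if rec.review_due is None:
        findings.append("no-review-or-retirement-date")
    elif rec.review_due < today:
        findings.append("review-overdue")
    if rec.last_activity is None:
        findings.append("never-active")
    elif today - rec.last_activity > timedelta(days=stale_after_days):
        # Dormant but still holding access or actions: a retirement candidate.
        has_scope = rec.data_access or rec.permitted_actions
        findings.append("stale-with-access" if has_scope else "stale")
    return findings

def audit_inventory(records, today):
    """Map agent_id -> findings, keeping only agents that need attention."""
    report = {r.agent_id: audit(r, today) for r in records}
    return {agent: found for agent, found in report.items() if found}

# Constructed sample records (not real agents).
TODAY = date(2026, 1, 15)
SAMPLE = [
    AgentRecord("recon-agent", "finance-ops", "ledger reconciliation", ["erp"], ["gl:read"],
                ["post-journal-draft"], "vendor-a", "passed", date(2026, 1, 10), date(2026, 6, 1)),
    AgentRecord("triage-bot", "", "support triage", ["helpdesk"], ["tickets:read"],
                ["assign-ticket"], "vendor-b", "", date(2025, 8, 1), None),
]

if __name__ == "__main__":
    for agent, findings in audit_inventory(SAMPLE, TODAY).items():
        print(agent, findings)
```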
Where Gaia Fits
Gaia's governance and runtime model is relevant because agents need lifecycle evidence, not just configuration screens. Teams need to see how agents are designed, connected, evaluated, operated, and improved across real workflows.
The best next resources are the , , and . The common theme is that agent operations need a governed control plane before the number of agents becomes unmanageable.
Practical Takeaway
Build the agent inventory before the agent population explodes.
For every agent, require an owner, purpose, identity model, access scope, action scope, logs, evaluation approach, and retirement rule.
If that sounds heavy, compare it to discovering two years from now that the enterprise has thousands of unaudited actors moving through production systems with no shared naming, no lifecycle, and no accountable owner.
About the author
Kostas Karolemeas
Product and Technology Lead of Gaia, two-time founder, and software product executive with more than three decades of experience building and scaling products across healthcare, architectural and mechanical engineering software, logistics and supply chain, financial services and banking, enterprise resource planning (ERP), and visual effects (VFX) for television.