Sample Report · Anonymized · TekCapitol, Inc. · tekcapitol.com
TekCapitol · Kyklos360 Methodology · 3-Week Consulting Deliverable · Confidential
AI Agent Risk & Readiness Report
Prepared for CloudSync, Inc. · Series C SaaS · Data Infrastructure Platform
This is a sample consulting deliverable. Client details are anonymized.
Self-serve preview: Kyklos360 Assessment at tekcapitol.com/kyklos/ · EDA sample: sample-assessment-report-eda.html
11.5 / 24 — Fair
1.8 / 4.0 — High Risk
3 Weeks · May 2026
Snowflake · Salesforce · Zendesk · AWS S3
Customer Health Agent · Support Deflection Agent
About this deliverable
This report reflects a 3-week consulting engagement using the Kyklos360 methodology. The same readiness questions apply to any data-producing system — Snowflake, Salesforce, SAP, or proprietary tools. Kyklos360 Assessment (tekcapitol.com/kyklos/) offers a self-serve, upload-based version; Kyklos360 AgentOps (roadmap) will add live connectors and enforced governance.
Executive Summary
Readiness Score: 11.5 / 24
Risk Score: 1.8 / 4.0
Critical Gaps Found: 5

CloudSync has built technically capable AI agents for customer health monitoring and support deflection. Both work correctly in staging. Neither is ready for enterprise production deployment. The primary gaps are in data validation, agent access controls, and governance — not in the AI models themselves.

⚠ Critical Finding 1
Customer health agent uses personal admin credentials with write access to production Salesforce. If these credentials are rotated or the engineer leaves, the agent breaks silently with no alerting. This is an active security risk.
⚠ Critical Finding 2
Zendesk support ticket data is not connected to the customer health scoring model. 31% of false positive at-risk flags in staging were caused by this missing data source — agents flagging healthy customers with active growth-related tickets as churn risks.
⚡ Critical Finding 3
No human approval gates exist for any agent action. The support deflection agent can close tickets autonomously with no human review. In enterprise environments this will trigger immediate objections from customer security teams.
⚡ Critical Finding 4
No audit trail exists for agent decisions. The customer health agent has been running in staging for 6 weeks with no logs. Cannot reconstruct any historical decision. This will block enterprise procurement in regulated industries.
✓ Strength
Snowflake data warehouse is well-structured with active dbt project. Data engineering team is strong. The Connect and Transform work builds on a solid foundation — estimated 30% faster to implement than a typical environment of this complexity.
Kyklos360 Readiness Scores

Each dimension scored 0–4. 0 = not present. 4 = production-ready. Overall readiness of 18+ / 24 is our production-ready threshold. Kyklos360 is platform-agnostic — this engagement scoped Snowflake, Salesforce, Zendesk, and S3; the methodology applies equally to proprietary systems.

| Dimension | Score | Status | Rating |
|---|---|---|---|
| Assess | 2.5 | Data catalog exists but 8 months out of date. Health scoring model is 14 months old. | Fair |
| Connect | 2.0 | Snowflake connected to Salesforce. Zendesk missing. AWS S3 documents not indexed. No entity resolution. | Poor |
| Validate | 1.0 | Schema tests only. No business logic validation. Customer status sync lag up to 23 hours. Seasonal patterns not accounted for. | Critical |
| Transform | 2.5 | Good dbt models built for dashboards. Missing semantic enrichment for agents. No RAG pipeline for contract documents. | Fair |
| Orchestrate | 1.5 | Agent workflows built. No HITL gates. No model routing map. Admin credentials used. No kill switch documented. | Critical |
| Monitor | 2.0 | Basic Datadog monitoring. No agent decision logging. No drift detection. No token cost tracking. | Poor |
Overall Readiness: 11.5 / 24
Below the production-ready threshold of 18/24. Two dimensions — Validate and Orchestrate — are critical blockers. Addressing these two dimensions alone would bring the score to approximately 16.5/24 and resolve the primary enterprise deal blockers.
Note: Orchestrate and Monitor recommendations in Kyklos360 Assessment preview what AgentOps would enforce (kill switches, circuit breakers). This consulting report includes an implementation roadmap; Assessment app outputs are advisory until AgentOps ships.
Agent Risk Register

Risk register covers both agents in scope: Customer Health Agent and Support Deflection Agent. Risk rated High / Medium / Low per dimension.

| Risk Dimension | Finding | Rating |
|---|---|---|
| Access Risk | Customer Health Agent uses personal admin credentials with full Salesforce write access. Support Deflection Agent uses shared service account with broader access than required. Neither credential is scoped to least-privilege. | 🔴 High |
| Action Risk | Customer Health Agent can update customer status fields autonomously. Support Deflection Agent can close tickets without human review. Neither action surface has been formally documented. No HITL gates in place for any action. | 🔴 High |
| Assessment Risk | No agent decision logging implemented. 6 weeks of staging activity has no audit trail. Cannot reconstruct any agent decision on demand. This is a hard blocker for enterprise customers in financial services and healthcare verticals. | 🔴 High |
| Recovery Risk | No documented kill switch procedure. Recovery requires full application redeployment — estimated 45-90 minutes. No rollback procedure for agent-initiated data changes. No incident owner identified. | 🔴 High |
| Cost Risk | Both agents run all tasks through GPT-4o with no model routing. Estimated overspend vs optimized routing: $48,000/year at projected production volume. No token budget caps. No circuit breaker for runaway loops. | 🟡 Medium |
| Approval Risk | No governance framework exists. Autonomous agent actions were not a deliberate documented decision — they were the default because nobody built approval gates. VP Engineering confirmed this was unintentional. | 🔴 High |
Overall Risk Assessment: High — 5 of 6 dimensions rated High Risk
These agents should not be deployed to enterprise production environments in their current state. The Access Risk and Assessment Risk findings alone would fail most enterprise AI security questionnaires. Remediation is straightforward — estimated 6 weeks to move from High Risk to Low Risk across all dimensions.
Prioritized Implementation Roadmap

Recommendations prioritized by enterprise deal impact first, then readiness improvement. Effort rated S (1-2 weeks) / M (2-4 weeks) / L (4-8 weeks).

1. Immediate: Rotate credentials and implement least-privilege service accounts (S · 1 week; High Impact)
   Replace personal admin credentials with scoped service accounts. Read-only where appropriate. Specific schema access only. This resolves the highest-severity security risk immediately.
2. Week 1-2: Implement agent decision audit trail (S · 1 week; High Impact)
   Deploy LangSmith tracing. Write all agent actions to Snowflake assessment table — timestamp, input data, decision, output, model used. Enables full decision reconstruction. Resolves Assessment Risk immediately.
3. Week 2-4: Connect Zendesk and build business logic validation rules (M · 3 weeks; High Impact)
   Add Fivetran Zendesk connector. Build 24 business logic validation rules identified in workshop — customer status freshness, seasonal pattern handling, revenue period mismatch detection. Resolves 31% false positive rate.
4. Week 4-6: Build HITL gates and governance framework (M · 2 weeks; High Impact)
   Implement human approval gates for all autonomous agent actions. Define and document which decisions are permitted to run without approval. Install kill switch and rollback procedure. Resolves Action Risk and Approval Risk.
5. Week 6-8: Deploy model routing map and token budget controls (M · 2 weeks; Cost Impact)
   Implement Tier 1/2/3 model routing. Route retrieval tasks to Gemini Flash, classification to GPT-4o mini, reasoning to GPT-4o. Deploy token budget caps with circuit breaker. Estimated annual saving: $48,000 in API costs.
Weeks to production-ready: 8
Annual token cost saving: $48K
Critical gaps to close: 5
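Roadmap items 2 and 4 describe an audit trail and human approval gates; the sketch below shows how the two fit together. It is an added example, not TekCapitol's or CloudSync's code. The class and field names are hypothetical, an in-memory list stands in for the Snowflake table, and the hash chain is an assumption added here to make edits to past rows detectable.

```python
import hashlib, json
from datetime import datetime, timezone

# Assumption: the two agent actions the report names always need human sign-off.
GATED_ACTIONS = {"close_ticket", "update_customer_status"}

class AuditLog:  # append-only; each row stores the hash of the row before it
    def __init__(self):
        self.rows = []

    def append(self, agent, action, input_data, decision, output, model, approver=None):
        row = {
            "timestamp": datetime.now(timezone.utc).isoformat(),
            "agent": agent, "action": action, "input_data": input_data,
            "decision": decision, "output": output, "model": model,
            "approver": approver,
            "prev_hash": self.rows[-1]["hash"] if self.rows else "0" * 64,
        }
        row["hash"] = self._digest(row)
        self.rows.append(row)
        return row

    @staticmethod
    def _digest(row):
        body = {k: v for k, v in row.items() if k != "hash"}
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def verify(self):
        # Recompute every hash; an edited or removed row breaks the chain.
        prev = "0" * 64
        for row in self.rows:
            if row["prev_hash"] != prev or row["hash"] != self._digest(row):
                return False
            prev = row["hash"]
        return True

class ActionGate:  # every proposed action is logged, executed or not
    def __init__(self, log):
        self.log, self.killed = log, False  # killed = kill switch engaged

    def submit(self, agent, action, input_data, model, execute, approver=None):
        if self.killed:
            decision = "blocked_kill_switch"
        elif action in GATED_ACTIONS and approver is None:
            decision = "pending_approval"
        else:
            decision = "executed"
        output = execute(input_data) if decision == "executed" else None
        return self.log.append(agent, action, input_data, decision, output, model, approver)
```

A scheduled job that calls `verify()` and alerts on `False` turns the "immutable" claim in the questionnaire answers into something that can be checked.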
Draft Enterprise Security Questionnaire Answers

Draft answers to the 5 most common enterprise AI security questions — based on findings from this assessment. These answers reflect the state after implementing roadmap items 1-4. Review with legal before submitting to prospects.

Q1. What data does your AI agent access, and how is access controlled?
Our customer health agent accesses customer status, contract, usage, and support ticket data stored in our Snowflake data warehouse. Access is controlled via a dedicated service account with read-only permissions scoped to specific schemas. The agent cannot access financial, HR, or PII data outside its defined scope. All credential provisioning follows our least-privilege access policy documented in our security runbook.
Note: This answer is valid after completing Roadmap Item 1 (credential rotation). Currently the agent uses admin credentials — do not submit this answer until Item 1 is complete.
Q2. Can your AI agent modify or delete customer data?
The customer health agent operates in read-only mode for all customer data retrieval. Any recommended action — such as CSM outreach or status flag — is routed to a human approval queue before execution. The agent cannot autonomously modify or delete any customer record. All proposed actions are logged before human review.
Note: Valid after completing Roadmap Item 4 (HITL gates). Currently the agent can modify Salesforce records autonomously.
Q3. How do you audit what your AI agent did and why?
Every agent action is logged to an immutable assessment table in Snowflake — capturing timestamp, input data snapshot, decision rationale, output, model used, and the human approval record where applicable. Logs are retained for 24 months. Any specific agent decision can be reconstructed on demand within minutes. Assessment logs are available for customer review upon request.
Note: Valid after completing Roadmap Item 2 (audit trail). Currently no audit trail exists.
Q4. What happens if your AI agent makes an error that affects our data?
Our agent governance framework includes three levels of control: action-level HITL gates that prevent irreversible actions without human approval, a workflow pause capability that can stop all agent activity within 60 seconds, and a full credential revocation procedure that provides complete shutdown within 5 minutes. For any agent-initiated data change, we maintain a pre-action snapshot that enables rollback within the same business day.
Note: Valid after completing Roadmap Items 1 and 4.
Q5. How do you ensure your AI agent doesn't use our data to train future models?
Our agents use inference-only API calls to third-party LLM providers (OpenAI, Anthropic) with data processing agreements that prohibit use of customer data for model training. Customer data is never included in fine-tuning datasets. All LLM API calls are made with the training opt-out parameter set. Our DPA is available upon request.
Note: Verify current API agreements with OpenAI and Anthropic before submitting. Review with legal counsel.
Recommended Next Steps
This assessment has identified the gaps. The implementation engagement closes them — building toward one outcome: AI agent workflows your enterprise customers will trust. All work is delivered on your existing infrastructure. Nothing is replaced. Try a self-serve readiness pass anytime at tekcapitol.com/kyklos/ (Kyklos360® Assessment).
Phase 1: Quick Wins — 2 weeks
Credential rotation + audit trail. Resolves 2 of 5 critical gaps. Unblocks enterprise security questionnaire answers 1-4.
Phase 2: Core Implementation — 6 weeks
Zendesk connection, validation rules, HITL gates, model routing. Full production readiness achieved.
Phase 3: Retainer — Ongoing
Each new AI feature assessed before enterprise shipment. Governance layer maintained. Security questionnaire answers kept current.
TEKCAPITOL, INC. · info@tekcapitol.com · tekcapitol.com · San Jose, California · © 2026