A few weeks ago we audited our own production system, an autonomous AI agent fleet that runs tool-wired agents around the clock, by doing something embarrassingly simple: we drove it end-to-end, the way a user would, and asked which parts came up unconnected. The answer was roughly three dozen user-facing features (about 34; we counted, and we're not rounding) that had shipped and silently died. The command existed. The interface existed. The engine behind it had never been wired, or had quietly stopped. Each one returned a polite "nothing here" while every dashboard stayed green. Tests and static analysis had missed the class for weeks. We shipped a validated fix and a one-command regression guard, and then we sat with the more uncomfortable finding.

Nothing attacked us. Nothing crashed. Nothing alarmed. If those thirty-four silent stubs had been carrying money movements, eligibility checks, or claims intake for a real business, the result would have been a loss, a real one and possibly a large one, with no breach to report, no incident timestamp, and no adversary to name. Which security product was supposed to catch that? Which insurance policy was supposed to pay for it?

That question has a shape, and the shape is the subject of this essay. AI-agent adoption is creating a loss class that is simultaneously non-adversarial, correlated, and silent, and nearly every established risk instrument was built to miss at least one of those three properties. We didn't discover this class; over the past year, academic and industry literature has converged on naming it, and we'll cite that work below. What we can add is the part the outside view structurally can't supply: what the class looks like from inside the infrastructure, where the failures actually happen.