The main point for me is that agent safety should not only be model-level safety. It also needs operational safety: dry-runs, approval gates, policy boundaries, audit logs, rollback plans, and admin control.
That is what enterprises already expect from CI/CD, cloud operations, and security tooling. AI agents will probably need the same kind of operational guardrails before companies fully trust them with real work.