Agent sprawl, the uncontrolled proliferation of AI agents across an enterprise, is now a top concern at 94% of enterprises according to OutSystems (2026, n=1,900 IT leaders). Platforms including Atlan, IBM, Okta, Databricks, and Gartner-advised enterprises are all contending with the same root challenge: agents are accumulating faster than the governance frameworks, shared context, or lifecycle management needed to keep them coordinated. Most governance programs address one dimension of sprawl: ungoverned agents. What they do not currently address is the second, harder dimension: agents that each build isolated, conflicting understandings of the business. Prukalpa Sankar, Co-founder of Atlan, named this “context sprawl,” and it is the dimension that no identity registry alone can fix.
| What it is | Uncontrolled proliferation of AI agents without shared governance or shared context |
| Key stat | 150,000 agents per Fortune 500 by 2028 (Gartner, 2026); 94% of enterprises concerned (OutSystems, 2026) |
| Who experiences it | Any enterprise running 3+ agents on different stacks without a shared context layer |
| Root cause | Two dimensions: identity sprawl (no governance) + context sprawl (no shared semantic layer) |
| Structural fix | Governance control plane (identity) + shared context layer (semantics), both required |
| Maturity signal | Level 4-5 governance organizations achieve 94.3% lower sprawl indices (arXiv 2604.16338, 2026) |
This guide covers: what agent sprawl is and why it is growing so fast, the two distinct dimensions (identity sprawl vs. context sprawl), the five sprawl patterns that appear in enterprise deployments, why agent sprawl mirrors BI sprawl, why governance is necessary but not sufficient, and how a shared context layer addresses the gap governance leaves.
The 38% context gap: research from Atlan AI Labs
Atlan AI Labs measured a 38% SQL accuracy improvement when agents are grounded in governance metadata versus raw schema. Get the research behind the number.
Get the AI Labs ReportWhat is agent sprawl and why is it growing so fast?
Permalink to “What is agent sprawl and why is it growing so fast?”Agent sprawl is the uncontrolled proliferation of AI agents across an enterprise, accumulating faster than governance frameworks, shared context, or coordinated lifecycle management can keep pace. A practitioner on r/AI_Agents described it plainly in April 2026: “We went from 3 agents to 40 in four months. Nobody knows what half of them do.” That sentence captures the exact failure mode: rapid deployment without inventory, governance, or shared context.
The scale of the problem is growing faster than most teams anticipate. According to the Salesforce Connectivity Benchmark Report (2026, n=1,050 IT leaders), the average enterprise runs 12 AI agents today, a figure projected to grow 67% by 2027. IBM (citing Gartner) estimates that large enterprises will operate more than 1,600 agents by end-2026. According to Gartner (April 2026), the average Fortune 500 will run 150,000 AI agents by 2028, up from fewer than 15 in 2025.
The driver behind that growth is structural. Agent development frameworks like LangChain, LlamaIndex, and CrewAI have lowered the barrier to building an agent to hours. Business units deploy agents independently, often without notifying IT or data governance teams. Max Goss, Sr. Director Analyst at Gartner, described the outcome: “As CIOs and IT leaders see an explosion of AI agents across their organizations, many are contending with an ungoverned sprawl of agents that expose their organizations to a range of risks, including misinformation, oversharing and data loss.”
According to IBM (2026), only 13% of organizations believe they have the right AI agent governance in place. The OutSystems State of AI Development Report found that 96% of organizations already use AI agents in some capacity, and 94% report concern that sprawl is increasing complexity, technical debt, and security risk. The agents are already deployed. The governance is not.
Agent sprawl is not inevitable. It is a structural problem with a structural fix. Addressing it requires naming both of its dimensions clearly, which most governance frameworks do not yet do.
Identity sprawl vs. context sprawl: what is the difference?
Permalink to “Identity sprawl vs. context sprawl: what is the difference?”Agent sprawl has two distinct dimensions, and most enterprise governance programs address only one of them: the visible one.
Identity sprawl: agents without governance
Permalink to “Identity sprawl: agents without governance”Identity sprawl is the dimension that Gartner, IBM, and Okta address well: too many agents exist across the enterprise, many undiscovered, over-permissioned, without lifecycle management or audit trails. The governance fix involves building an agent registry, defining access policies, managing agent credentials, and deprovisioning agents when they are no longer needed. Okta frames agents as “non-human identities,” applying the same identity lifecycle management patterns used for service accounts and bots. Databricks’ Unity AI Gateway addresses a specific subset: coding agent sprawl, bringing Claude Code, Codex, and Gemini CLI under a unified control plane. These approaches are necessary and produce measurable reductions in sprawl risk.
Identity sprawl governance tells you THAT agents exist and WHO they are. It does not tell you WHAT they know.
Context sprawl: agents without shared meaning
Permalink to “Context sprawl: agents without shared meaning”Context sprawl is a distinct second dimension, one that no current major governance platform addresses as a first-class architectural concern. Prukalpa Sankar, Co-founder at Atlan, described the failure precisely: “My Sales agent has context. My Customer Success agent has something else. These things are not talking to each other. I have agent sprawl. I have context sprawl.” (Source: Do Enterprises Need a Context Layer Between Data and AI? Atlan)
Context sprawl happens when every agent builds its own isolated, partial understanding of the business, each pulling from different schemas, different glossaries, different metric definitions. Two well-governed agents can both pass an identity check while giving completely different answers to “what was last quarter’s revenue?” That difference does not appear on any agent registry. It only surfaces when a business user gets two conflicting answers and loses trust in both.
Table: Two dimensions of agent sprawl
| Dimension | Root cause | Enterprise symptom | Who addresses it | What it addresses |
|---|---|---|---|---|
| Identity sprawl | No agent registry, lifecycle, or permissions policy | Shadow agents, credential exposure, over-permissioned tools | IBM, Okta, Gartner, Databricks | That agents exist and who they are |
| Context sprawl | No shared semantic layer; agents build isolated context | Conflicting answers to the same business question across agents | Not currently addressed at scale by identity-layer vendors | What agents know and whether they share the same definitions |
The two fixes are complementary, not competing. Governance control planes address identity sprawl; the enterprise context layer addresses context sprawl. Agent sprawl is not resolved until both dimensions are addressed.
What are the five patterns of agent sprawl in enterprise deployments?
Permalink to “What are the five patterns of agent sprawl in enterprise deployments?”Academic research on enterprise AI governance has identified five distinct sprawl patterns that appear consistently across organizations deploying multiple agents. Each pattern requires a different detection and remediation approach.
According to arXiv 2604.16338 (Vivek Acharya, April 2026), these are the five pattern categories observed across enterprise deployments. The enterprise examples below are illustrative of each pattern type:
| Pattern | Description | Illustrative enterprise example | Risk level |
|---|---|---|---|
| Functional duplication | Multiple agents built to perform the same task | Three teams each build a revenue analysis agent independently | Medium |
| Shadow agents | Agents deployed outside formal IT and governance processes | A business unit deploys an OpenAI assistant outside the governed data stack | High |
| Orphaned agents | Agents built for a retired use case that are still running | An agent from a deprecated product feature still consuming API quotas | Medium |
| Permission creep | Agents accumulating access beyond their stated scope over time | An agent originally scoped to read data that now writes back to production tables | High |
| Unmonitored delegation chains | Multi-agent systems where sub-agents’ actions are invisible to the parent governance layer | An orchestrator that spawns sub-agents with no audit trail connecting back to the parent | Critical |
(Pattern categories: arXiv 2604.16338, Vivek Acharya, April 2026)
Four of the five patterns (functional duplication, shadow agents, orphaned agents, and permission creep) are primarily identity sprawl problems. A governance control plane (registry, lifecycle management, access policy) directly addresses them. The fifth pattern, unmonitored delegation chains, exposes both dimensions: identity governance catches that sub-agents were spawned, but context sprawl determines whether those sub-agents are reasoning from coherent, shared definitions of the business.
The research also found that organizations with mature governance (Level 4-5) achieve 94.3% lower sprawl indices compared to Level 1 organizations. Governance maturity is the strongest single lever for reducing sprawl. The critical nuance: that reduction is measured against identity-traceable sprawl patterns. Context divergence, where agents share a registry but disagree on definitions, is not captured by current maturity models.
According to Deloitte (State of AI in the Enterprise, 2026, n=3,235), only one in five companies reports a mature governance model for autonomous AI agents. Understanding multi-agent memory silos provides the complementary lens: while sprawl describes agent proliferation at the organizational level, memory silos describe context fragmentation at the individual-agent level.
Context Gap Calculator: how many isolated context surfaces does your agent estate have?
The Context Gap Calculator shows how many isolated context surfaces your agent estate is generating and the accuracy cost of not centralizing them.
Calculate Your Context GapWhy agent sprawl is the new BI sprawl
Permalink to “Why agent sprawl is the new BI sprawl”BI sprawl and agent sprawl share the same root failure: semantic fragmentation at different technology layers.
BI sprawl happened when every team built their own metrics without a shared semantic layer. Revenue was defined one way by the revenue team, another by finance, a third by the executive dashboard. The data was not wrong. The meaning layer was fragmented. There was no single agreed definition that every BI tool consumed. The fix was a shared semantic layer: governed glossaries, dbt metrics, semantic layers that every downstream tool inherited rather than rebuilding independently.
Agent sprawl follows the same pattern at the meaning level. Every team is building agents that each query different schemas, pull from different glossaries, and inherit different metric definitions. The result is not bad orchestration. It is conflicting answers to identical business questions, because the semantic substrate beneath each agent is different. Each agent is correct within its own isolated context. None of them are aligned with the others.
Walmart Global Tech documented this transformation directly. Ricky Huynh, Lead Product Manager for Developer Platform at Walmart, described how Walmart had deployed specialized bots across product search, scheduling, and advertising over two years, each built in isolation with different underlying LLMs and data frameworks. The result was customer confusion, overlapping assistants, and “islands of agents without a unified communication framework.” The piece explicitly names Model Context Protocol (MCP) and shared context frameworks as the path toward resolving this fragmentation: a shared communication and meaning layer, not just better orchestration.
Harrison Chase, CEO of LangChain, captured the architectural thesis externally: “which is exactly why we believe memory should live outside of model providers.” Context is infrastructure, not a model feature or an orchestration feature. It is the substrate beneath both.
Other framings exist: the analogy “agent sprawl is the new IT sprawl” describes tool proliferation. The BI sprawl analogy is more precise because BI sprawl was specifically a semantic fragmentation problem, where meaning was built independently across teams and never centralized, and that is the exact mechanism at work with agents. The analogy also predicts the remediation timeline: BI sprawl took roughly five years to tame with semantic layers. Agent sprawl is earlier in that curve.
For more on who will own the context layer as agents proliferate, the governance ownership question is directly connected to the sprawl remediation strategy.
Why governance and identity management alone do not fix agent sprawl
Permalink to “Why governance and identity management alone do not fix agent sprawl”The Gartner six-step framework is necessary. It is not complete. A shared context layer addresses the dimension governance does not.
What governance gets right
Permalink to “What governance gets right”The Gartner framework, IBM’s agent registry approach, and Okta’s non-human identity management all address genuine and critical problems. Building a centralized agent inventory, enforcing least-privilege access, managing agent provisioning and deprovisioning, and monitoring agent behavior prevent shadow agents, permission creep, and orphaned agents. The arXiv 2604.16338 research confirms the impact: Level 4-5 governance maturity achieves 94.3% lower sprawl indices. Governance investment produces real, measurable sprawl reduction. It is the necessary foundation.
What governance does not address
Permalink to “What governance does not address”Context coherence, specifically whether two governed agents share the same understanding of a business term, is not captured by identity lifecycle management. A fully governed agent (registered, permissioned, audited, monitored) can still give the wrong answer if it is reasoning from isolated or conflicting context. The BNY Mellon case illustrates the gap: according to internal evidence, BNY Mellon launched 1,000 Databricks Genie rooms, fully governed and properly permissioned, and 90% were abandoned within a month. Not because they were ungoverned. Because the business did not trust agents that were not grounded in live, shared context.
The concrete failure mode: recognized_revenue_q4 means three different things across three governed agents in the same enterprise. No access policy prevents this divergence. No agent registry captures it. It only surfaces when business users get conflicting answers and lose confidence in the entire agent estate.
Table: Governance approach comparison
| Approach | Vendor examples | What it addresses | What remains |
|---|---|---|---|
| Identity lifecycle management | Okta, IBM | Agent registration, permissions, provisioning | Whether agents share canonical business definitions |
| Control plane governance | Databricks Unity AI Gateway | Tool access, API usage, audit logging | Context coherence across agents |
| Observability / registry | Oximy, various | Agent behavior, usage patterns | Upstream semantic alignment |
| Shared context layer | Atlan | Business definitions, lineage, policies at runtime | Complementary to governance, not a replacement |
According to McKinsey (State of AI Trust, 2026), only 1 in 3 enterprises has reached governance maturity adequate for the autonomous agents already being deployed. The 94.3% sprawl reduction from governance maturity is real. The 1-in-3 baseline is also real. These are not contradictory: governance is the highest-investment starting point for most enterprises. The context layer is the additional investment that governs what governed agents know.
The distinction between ADLC and SDLC is directly relevant: agent development lifecycle governance treats context, evaluation, and governance as first-class lifecycle concerns, not afterthoughts bolted onto software development patterns designed for deterministic code.
How the shared context layer fixes agent sprawl
Permalink to “How the shared context layer fixes agent sprawl”The structural complement to governance is a shared context layer: one governed, live, machine-readable semantic substrate that every agent inherits at runtime instead of rebuilding in isolation.
When agents each maintain their own context stores, definition drift is inevitable. A shared context layer gives every agent the same canonical understanding of the business at runtime.
What a shared context layer provides
Permalink to “What a shared context layer provides”A shared context layer gives every agent access to the same governed understanding of the business:
- Canonical definitions: One agreed definition of
recognized_revenue_q4that every agent queries, not rebuilt per agent, not sourced from raw schema. - Lineage: Agents know what the data means AND where it came from, tracing context back to its certified source.
- Policies: Access rules, quality signals, and ownership enforced at query time, not build time.
- Live updates: Context stays current as the business evolves, rather than accumulating as stale per-agent prompts that never get refreshed.
Why per-agent context stores fail at scale
Permalink to “Why per-agent context stores fail at scale”Every agent that builds its own context creates a new definition surface. According to Salesforce (Connectivity Benchmark 2026), 50% of enterprise AI agents already operate in isolated silos rather than coordinated multi-agent systems. Practitioners have named the downstream effect: “context rot,” where stale context accumulates in per-agent stores without detection, quietly degrading answer quality over time.
According to arXiv 2603.17787 (2026), multi-agent systems without shared governance fail at a 77.5% rate. A Snowflake internal experiment confirmed the mechanism directly: adding a shared ontology layer improved agent answer accuracy by 20% and reduced unnecessary tool calls by 39%. Context centralization reduces sprawl and directly improves agent performance.
Context Repos, which are versioned, certified, portable context reusable across agent frameworks “like code,” address the cross-platform duplication problem directly. Context is engineered once, certified, and consumed everywhere, rather than rebuilt per agent or per team.
See also: context architecture for AI agents, how to standardize AI tooling across business units, and why AI agents need an enterprise context layer.
The context layer is not a replacement for governance. It is the missing complement. Governance governs that agents exist and what they can do. The context layer governs what they know. Both are required for an agent estate that stays coherent as it scales.
How Atlan addresses agent sprawl and context sprawl
Permalink to “How Atlan addresses agent sprawl and context sprawl”Atlan’s approach to agent sprawl starts at the layer most governance tools currently skip: the meaning layer, not the identity layer.
The governance problem most tools address is knowing that agents exist and constraining what they can do. Atlan addresses the complement: ensuring every agent, regardless of framework, cloud, or business unit, reasons from the same governed understanding of the business. Two agents built by two teams can both pass an identity governance check while giving completely different answers to “what was last quarter’s revenue?” That is context sprawl, and it does not appear on any agent registry.
Atlan’s Enterprise Data Graph is a shared, governed substrate of assets, lineage, ownership, quality signals, and canonical business definitions, exposing them to any agent at runtime via a native MCP server. Context Repos let teams version, certify, and reuse context across agent frameworks “like code,” so context is engineered once and consumed everywhere instead of being rebuilt per agent. The Context Engineering Studio gives teams a systematic workflow for building and testing context before it enters production agents. Domain teams own their context locally (federated governance) while every agent inherits a consistent organizational truth.
The outcomes are quantifiable. Atlan AI Labs found a 38% SQL accuracy improvement when agents were grounded in governance metadata versus raw schema. At Workday, Joe DosSantos, VP of Enterprise Data and Analytics, described the before state: “We built a revenue analysis agent, and it couldn’t answer one question. We started to realize we were missing this translation layer. We had no way to interpret human language against the structure of the data.” After grounding agents in Atlan’s shared context, Workday achieved a 5x improvement in AI accuracy. The Snowflake internal experiment independently confirmed the mechanism: shared ontology layer, 20% accuracy improvement, 39% fewer unnecessary tool calls.
For teams building or evaluating their agent architecture, the agent harness vs agent framework distinction is the adjacent vocabulary decision: context sprawl compounds when teams pick incompatible harness and framework combinations without a shared context layer beneath both.
Context Maturity Assessment: where is your organization on the context maturity curve?
The Context Maturity Assessment maps where your data and AI estate sits on the path from static catalog to runtime context layer, and identifies your highest-leverage next step.
Take the AssessmentReal stories from real customers: Context sprawl solved at scale
Permalink to “Real stories from real customers: Context sprawl solved at scale”"We're excited to build the future of AI governance with Atlan. All of the work that we did to get to a shared language at Workday can be leveraged by AI via Atlan's MCP server...as part of Atlan's AI Labs, we're co-building the semantic layer that AI needs with new constructs, like context products."
Joe DosSantos, VP of Enterprise Data & Analytics, Workday
"Atlan is much more than a catalog of catalogs. It's more of a context operating system...Atlan enabled us to easily activate metadata for everything from discovery in the marketplace to AI governance to data quality to an MCP server delivering context to AI models."
Sridher Arumugham, Chief Data & Analytics Officer, DigiKey
Why naming these distinctions is what prevents agent sprawl from compounding
Permalink to “Why naming these distinctions is what prevents agent sprawl from compounding”Most teams discover agent sprawl after it has already compounded. The r/AI_Agents thread captures the moment of recognition: 40 agents, nobody knows what half do. The BNY Mellon evidence captures the downstream cost: 1,000 governed rooms, 90% abandoned because context trust was missing even when identity governance was in place. The Walmart story captures the path through: shared context and communication frameworks that give every agent a consistent surface to inherit.
The common thread is naming the two dimensions precisely. Identity sprawl requires a governance control plane. Context sprawl requires a shared meaning layer. These are different problems with different structural fixes. Treating both as the same “governance problem” is why well-funded governance programs can still produce agents that give conflicting answers.
Practitioners have named the long-term cost of context sprawl going unaddressed: “context rot,” where stale context accumulates in per-agent stores without detection, quietly degrading answer quality over time. The countermeasure is not more governance. It is a shared, live, governed context layer that every agent inherits at runtime.
Enterprise teams that name both dimensions, assign ownership to both, and build the context layer alongside the governance control plane are the ones whose agent estates remain coherent as they scale. The vocabulary for those two dimensions, identity sprawl and context sprawl, is what this page is meant to give practitioners before they discover both problems the hard way.
FAQs about agent sprawl
Permalink to “FAQs about agent sprawl”1. What is agent sprawl in AI?
Permalink to “1. What is agent sprawl in AI?”Agent sprawl is the uncontrolled proliferation of AI agents across an enterprise without coordinated governance, shared context, or lifecycle management. According to OutSystems (2026, n=1,900), 94% of enterprises already report concern that agent sprawl is increasing complexity, technical debt, and security risk. The average enterprise runs 12 AI agents today, projected to grow 67% by 2027.
2. What is the difference between agent sprawl and shadow AI?
Permalink to “2. What is the difference between agent sprawl and shadow AI?”Shadow AI is one cause of agent sprawl, referring to unauthorized agents deployed outside formal IT and governance processes. Agent sprawl is broader: it includes authorized agents that are simply ungoverned, duplicated, or uncoordinated. A well-governed agent can still contribute to sprawl if it builds isolated context that conflicts with other agents in the enterprise.
3. How do you prevent agent sprawl?
Permalink to “3. How do you prevent agent sprawl?”Preventing agent sprawl requires two structural fixes: a governance control plane (registry, lifecycle management, least-privilege access) to address identity sprawl, and a shared context layer to prevent context drift across agents. These fixes are complementary. Governance alone is necessary but insufficient: it governs that agents exist but not whether they share the same understanding of the business.
4. How is agent sprawl different from BI sprawl or data sprawl?
Permalink to “4. How is agent sprawl different from BI sprawl or data sprawl?”BI sprawl occurred because every team built their own metrics without a shared semantic layer, resulting in conflicting KPI definitions. Data sprawl occurs when data assets proliferate without a governed data catalog. Agent sprawl follows the same root pattern: every agent builds its own context without a shared context layer. The structural fix at each layer is the same: centralize the meaning layer.
5. How many AI agents does the average enterprise run in 2026?
Permalink to “5. How many AI agents does the average enterprise run in 2026?”According to the Salesforce Connectivity Benchmark (2026), the average enterprise runs 12 AI agents today, projected to grow 67% by 2027. IBM (citing Gartner) estimates large enterprises will operate more than 1,600 agents by end-2026. Gartner projects 150,000 agents per average Fortune 500 by 2028. Meanwhile, 94% of enterprises report sprawl-driven concern and only one in five report mature agent governance.
6. What does Gartner recommend for managing AI agent sprawl?
Permalink to “6. What does Gartner recommend for managing AI agent sprawl?”Gartner’s six-step framework (Max Goss, Sr. Director Analyst, April 2026) covers: establish governance policy, build a centralized agent inventory, define agent identity and permissions, implement AI information governance, monitor and remediate agent behavior, and build governance culture. These steps are necessary and effective for identity sprawl. Context sprawl, whether agents share canonical business definitions, is a complementary problem that requires a shared semantic layer alongside the governance control plane.
Sources
Permalink to “Sources”- Gartner Identifies Six Steps to Manage Artificial Intelligence Agent Sprawl. https://www.gartner.com/en/newsroom/press-releases/2026-04-28-gartner-identifies-six-steps-to-manage-artificial-intelligence-agent-sprawl
- Agentic AI Goes Mainstream in the Enterprise, but 94% Raise Concern About Sprawl. OutSystems. https://www.outsystems.com/news/enterprise-ai-agent-report-2026/
- Salesforce Connectivity Benchmark Report 2026. Salesforce. https://www.salesforce.com/news/stories/connectivity-report-announcement-2026/
- What is AI Agent Sprawl? IBM Think. https://www.ibm.com/think/topics/ai-agent-sprawl
- Governing the Agentic Enterprise. arXiv 2604.16338, Vivek Acharya. https://arxiv.org/abs/2604.16338
- State of AI in the Enterprise. Deloitte. https://www.deloitte.com/us/en/what-we-do/capabilities/applied-artificial-intelligence/content/state-of-ai-in-the-enterprise.html
- State of AI Trust in 2026: Shifting to the Agentic Era. McKinsey. https://www.mckinsey.com/capabilities/tech-and-ai/our-insights/tech-forward/state-of-ai-trust-in-2026-shifting-to-the-agentic-era
- Why solving Agent and RAG Sprawl is essential. Walmart Global Tech, Ricky Huynh. https://tech.walmart.com/content/walmart-global-tech/en_us/blog/post/solving-agent-and-rag-sprawl.html
- Do Enterprises Need a Context Layer Between Data and AI? Atlan. https://atlan.com/know/context-layer-enterprise-ai/
- Multi-Agent Memory Silos: Causes, Risks, and How to Solve Them. Atlan. https://atlan.com/know/multi-agent-memory-silos/
