If an agent causes harm, is the liability chain clear?

When an agent causes harm, who’s responsible? The human who delegated authority to it. The team that deployed it. The vendor who built the model. The integrator who connected it to production systems. All may share responsibility — and if no one owns the answer before something goes wrong, everyone will point at each other when it does.

Agent provenance matters for liability in the same way a software bill of materials matters for supply chain security. Which model, which version, which system prompt, which tools were available, which authority was granted? The ability to reconstruct this chain is what separates a governable deployment from an ungovernable one.

The uncomfortable truth: most organisations deploying agents today cannot answer this question clearly. The liability chain is implicit, spread across teams, and undocumented. Clarifying it is not a legal exercise — it’s an architecture decision.