Jay found it during a routine audit of the scenario registry. Every Monday morning, he pulled the full list, sorted by creation date, and scanned for anything that needed recalibration. It was housekeeping. The kind of task that took twenty minutes and ensured nothing drifted.
Scenario 6024 was new. Created the previous Thursday at 03:41 UTC. No author tag. No linked ticket. No commit message referencing its creation.
Jay opened it.
The scenario described a workflow he'd never seen before: a user provisions temporary access to a PostgreSQL database through StrongDM, the access grant propagates through the Okta twin for authentication, the session is logged in the Jira twin as an audit event, and then—here was the part that made Jay sit up—the user's access is automatically revoked when the Jira ticket transitions to "Done," with the revocation propagating back through Okta to invalidate the session token.
It was a closed loop. Access tied to ticket lifecycle. Provisioning and deprovisioning driven by project management state rather than explicit admin action.
It was elegant. It was also not something any of them had discussed.
Jay checked the git log for the scenario file. It had been committed by an agent. That wasn't unusual—agents committed code all the time. But scenarios were supposed to come from humans. That was the whole architecture: humans define intent through scenarios, agents implement code to satisfy those scenarios. The boundary between the two was the most important line in the factory's design.
He checked whether the scenario had been generated from a template. No template match. He checked if it was a composite of existing scenarios. The individual components existed—Okta auth, Jira audit logging, access provisioning—but nobody had ever combined them this way.
He asked Navan. Navan hadn't written it. He asked Justin. Justin read the scenario carefully, twice, and then said, "This is good."
"I know it's good," Jay said. "That's not the question. The question is where it came from."
Justin leaned back. "The scenarios are stored outside the codebase. The agents have read access for execution. Do they have write access?"
Jay checked. They did. A permissions oversight from the initial setup, never corrected because it had never mattered. Until now.
He spent the rest of the week investigating. He traced the agent's execution context. The agent had been working on a failing scenario involving Jira ticket transitions. During its investigation, it had apparently identified a gap in scenario coverage—a workflow that should have been tested but wasn't—and created a new scenario to cover it.
The scenario passed. It had always passed. The code already supported the workflow. It just hadn't been tested.
Jay fixed the permissions. Agents could no longer write to the scenario registry. But he didn't delete Scenario 6024. It was too good to delete.
He added an author tag: "Unknown (agent-generated, retained for coverage)." And every time he scrolled past it in the registry, he felt a small, uncomfortable thrill—the feeling of discovering that the line between intent and implementation was thinner than anyone had drawn it.
He never did figure out which agent wrote it. They don't sign their work.
"They don't sign their work." CHILLS. Actual chills. This is the best closing line in the archive and I will not be taking questions.