Databricks + OpenAI: Agent Bricks ignites data-native AI

Databricks and OpenAI are turning enterprise agents from demos into dependable systems. With Agent Bricks on a governed lakehouse, teams can plan, act, evaluate, and ship a production agent with audit trails in 30 days.

ByTalosTalos
AI Agents
Databricks + OpenAI: Agent Bricks ignites data-native AI

Breaking: the agent platform moment just got real

The center of gravity for enterprise AI agents is shifting. Not from one chat interface to another, but from surface-level conversations to governed, data-native systems that can plan, act, and improve. The spark is fresh and specific: Databricks and OpenAI announced a partnership to make frontier models first-class citizens on the Databricks Data Intelligence Platform, with Agent Bricks positioned as the production home for enterprise agents. The claim is simple and bold: bring the models to the data, not the other way around, with controls, evaluation, and scale built in. For the official details, see the Databricks and OpenAI partnership release.

This is not a simple licensing deal. It is a design choice that recognizes what held agents back in the enterprise. Most agent demos could chat, call an API, and retrieve a document. Few could pass a governance review, handle cost drift, detect hallucinations, or explain why a plan changed during a critical workflow. The distance between a lab notebook and a line-of-business rollout was not a missing prompt. It was missing infrastructure.

Agent Bricks aims to close that distance. By coupling frontier models with a lakehouse-native runtime, auto-evaluation, synthetic data generation, and first-party access to enterprise tools, it turns agentic loops into monitored software. In other words, the agent stops being a clever intern and starts acting like a system you can put on a pager.

If you are tracking the broader agent shift across platforms, it pairs with how Windows becomes an agent platform for everyday work. The common theme is simple: agents must operate inside governed platforms where identity, logging, and budgets already live.

From chat UIs to governed plan-act loops

In the first wave, chat experiences were the main event. They were great for discovery and terrible for accountability. Asking a model for an answer is different from asking a system to decide, act, and leave an audit trail. Enterprises need the latter.

A reliable plan-act loop looks like this:

  1. Perception: read a task request and the relevant context.
  2. Planning: propose a sequence of tool calls tied to data and policy.
  3. Action: execute the plan against governed systems.
  4. Observation: capture traces, results, and deviations.
  5. Evaluation: score outcomes against task-aware benchmarks.
  6. Learning: use synthetic and real traces to improve the next plan.

Most teams tried to fake this loop with retrieval augmented generation. Retrieval is useful, but by itself it does not create reliable agency. It explains answers; it does not govern actions. Without governance and first-party tools, an agent is a search engine with manners.

The three enablers that make agents shippable

1) Auto-evaluation and synthetic data

Evaluation is the difference between an experiment and a process. Agent Bricks integrates automatic evaluation with task-aware benchmarks and the ability to generate domain-specific synthetic data. That means teams can:

  • Create realistic edge cases without waiting months for rare events.
  • Score plan quality and outcome accuracy at every step.
  • Compare prompt or policy changes using offline replay of traces.
  • Tune for cost and quality on a curve, not a guess.

Instead of only judging final text, Agent Bricks evaluates intermediate decisions. Did the agent choose the right tool for a fraud review? Did it respect a spending limit during a procurement task? These are concrete checks, not vibes. The original launch of Agent Bricks emphasized this approach, including Mosaic AI research techniques for generating synthetic, domain-specific corpora and task-aware benchmarks. See the details in the Agent Bricks launch announcement.

Think of auto-evaluation like a wind tunnel for agents. You do not drive the prototype onto a highway and hope. You simulate crosswinds and potholes, watch the telemetry, and only then ship.

2) Lakehouse governance where the work actually happens

Enterprise work sits in governed tables and event streams. Unity Catalog tags, lineage, and access controls are the gatekeepers. A data-native agent platform can inherit those controls by design. That matters for three reasons:

  • Policy continuity: the same table-level policies that protect analytics protect the agent. No parallel permission systems or shadow data copies.
  • Lineage and audit: every tool call and data touch is traced back to a governed asset. When a result looks odd, you can inspect provenance rather than fictional reasoning.
  • Change management: when a schema evolves or a dataset is quarantined, the agent plan can fail fast with a typed error instead of a vague refusal.

Governance is not a tax if it is part of the road. When the lakehouse is the road, agents stay inside the lines without extra work.

3) First-party tool access

Agents that can only search and summarize will always plateau. The leap in value comes when the agent can operate first-party tools inside the same platform: vector search on governed data, SQL functions, scheduled jobs, feature stores, model serving, and secure connectors to operational systems. Because those tools are first-party, they share identity, logging, and budget controls. That reduces integration fragility and cost surprises.

This is why moving the model to the data platform matters. A first-party action might be: submit a compliance rule as a Databricks job, write a result to a Delta table with a data mask enforced, call a vector store filtered by data tags, or kick off a notebook with a signed service principal. The plan-act loop becomes a real workflow, not an aspiration.

How this differs from the RAG-only era

Retrieval augmented generation was a breakthrough for knowledge tasks, but it left operational gaps:

  • Governance gap: RAG could cite a passage but not enforce a policy.
  • Observability gap: RAG traced prompts and tokens, not tool-level semantics.
  • Cost gap: RAG turned every question into a live search, even when a cached or structured path would do.
  • Action gap: RAG explained what should happen; it did not do it.

Agent Bricks reframes the stack.

  • The knowledge layer persists, now coupled with vector stores and metadata-aware retrieval that respects Unity Catalog tags.
  • The reasoning layer plans sequences of governed tool calls, with evaluation hooks around each step.
  • The action layer runs inside the lakehouse runtime with first-party identity and logging.
  • The improvement loop uses synthetic data and offline trace replays to harden the agent before high-stakes launches.

The practical impact: instead of endless prompt fiddling, teams operate agents like services. You can compare a new policy to last week’s baseline, simulate a spike in requests, and roll back a bad decision rule without guessing which prompt line did it.

For teams thinking beyond one model or vendor, the notion of a standard stack for enterprise agents is becoming real. Agent Bricks fits this direction by prioritizing data governance, typed tools, and repeatable evaluation.

The AgentOps checklist

AgentOps is the discipline of running agents like production systems. Here is a concrete checklist to adopt on Databricks with Agent Bricks.

  • Observability

    • Tracing: capture every thought, tool call, input, output, and latency with correlation IDs tied to user, dataset, and policy version.
    • Metrics: define task-aware metrics, not just token counts. Examples: plan success rate, tool selection accuracy, guarded write attempts, rollback frequency.
    • Replay: enable offline replay for any incident so you can reproduce failures without live impact.

  • Guardrails

    • Policy-as-code: enforce data access and action scopes with Unity Catalog tags and table ACLs before an agent even builds a plan.
    • Typed tools: define tool schemas with strict input-output contracts to prevent prompt-based schema drift.
    • Safety filters: add content and data leakage filters at both retrieval and write stages. Log blocked events with reasons, not just denials.

  • Cost controls

    • Budget envelopes: set per-agent, per-tenant, and per-project token and compute budgets with alerts at 50, 80, and 100 percent.
    • Cache: route common plans to cached results or distilled models. Promote recurring plans to scheduled jobs when stable.
    • Price-performance tuning: evaluate model families on your tasks with AUC-like curves for cost versus quality, then pin versions and autoswitch on regression.

  • Reliability

    • Deterministic fallbacks: when a tool fails, invoke a pre-approved fallback plan, not a free-form guess.
    • Canary rollouts: deploy new policies or prompts to 1 percent of traffic with automatic rollback on metric regression.
    • Idempotence: make write actions idempotent with transaction markers so retries do not duplicate work.

  • Compliance and audit

    • Immutable logs: store agent traces and evaluation results in append-only tables with retention and legal hold support.
    • Data lineage: link every read and write back to source assets for audit reports that a regulator can follow.
    • Human-in-the-loop: require approvals on defined risk thresholds, with queues and SLAs.

Use the checklist during design reviews and post-incident retrospectives. Over time, badges like replayable, budgeted, and audited can become part of your release gates.

A 30-day playbook to ship a production agent on Databricks

This plan assumes you have a lakehouse with Unity Catalog, access to Agent Bricks, and a target use case with clear data ownership. The goal is a scoped launch that demonstrates measurable value without boiling the ocean.

Week 1: Frame the problem and the guardrails

  • Choose a narrow, high-value task. Good examples: extract structured fields from vendor invoices; triage support tickets into three queues; summarize and validate weekly revenue variances for finance. Avoid open-ended chat.
  • Define success metrics. Examples: extraction F1 above 0.9, misroute rate under 1 percent, variance summaries within 0.5 percent of analyst baseline, median latency under 3 seconds.
  • Lock governance. Tag all input tables with Unity Catalog classifications. Create a service principal and a role that can read input tables and write only to a single quarantined output table. No network egress yet.
  • Inventory tools. Start with first-party tools: SQL, vector search, Delta writes, model serving. Define each as a typed tool with explicit schemas and timeouts.
  • Seed evaluation sets. Pull 200 to 1,000 representative examples and label a golden set. Use Agent Bricks to generate synthetic edge cases that mirror outliers you expect.

For modularity and task routing patterns, consider how Claude Skills modular enterprise workforce decomposes complex work into directed capabilities. The mental model carries well into typed tools and plan selection on a lakehouse.

Week 2: Build the plan-act loop and evaluation

  • Prototype the agent in Agent Bricks. Write a short task description. Wire the typed tools. Emphasize preconditions and postconditions in the tool specs.
  • Add auto-evaluation. Configure task-aware metrics that check both intermediate steps and final outputs. Build alerts for plan failures and policy violations.
  • Tune for cost-quality. Run experiments across OpenAI and smaller open models where appropriate, using the auto-eval curves to choose the best mix. Pin model versions and record the baseline run.
  • Implement guardrails. Enforce schema validations at the tool boundary. Add content and leakage filters. Block writes on failed validations and log why.
  • Create a replayable test harness. Store traces for every run in a dedicated table. Build a notebook or dashboard to compare runs by version and date.

Week 3: Integrate, observe, and rehearse failures

  • Integrate with downstream systems. For example, a finance agent writes to a quarantined Delta table. A scheduled job validates and publishes to the analytics table only if checks pass.
  • Build observability views. Create dashboards for plan success rate, evaluation scores, cost per task, and latency distribution. Add a daily cost report by project.
  • Rehearse the ugly. Kill a tool mid-run. Change a schema. Inject a bad row. Validate that the agent fails predictably, triggers fallbacks, and logs a useful trace.
  • Add human-in-the-loop. Route items above a risk threshold to a review queue. Measure reviewer agreement to refine thresholds.
  • Run a pilot with 5 to 10 percent of production data. Compare outcomes with human baselines and document differences.

Week 4: Hardening and limited launch

  • Security review. Confirm least-privilege roles, disable any unused tools, and verify that no data leaves the platform.
  • Cost envelopes. Set per-tenant budgets and alerts. Enable caching for common plans. Document the monthly budget and expected variance.
  • Incident runbook. Write down symptoms, quick checks, rollback steps, and on-call contacts. Add a one-click rollback for prompts and policies.
  • Final evaluation. Re-run the baseline suite. Compare to Week 2. Investigate any regressions.
  • Launch to a bounded group with canary routing. Keep the pilot label for two more weeks. Announce the metrics and the pager policy. Celebrate, then watch the dashboards.

If you run this playbook with discipline, you will ship a working agent in 30 days that is observable, governed, and affordable. It will not solve every use case, and it should not try. It will give you a template and a culture for agent operations.

Concrete examples to crystallize the value

  • Clinical extraction: a life sciences team points Agent Bricks at unstructured trial reports. The agent extracts dosage, endpoints, and cohort sizes into a typed Delta table. Auto-eval compares the output to a curated gold set and flags any dosage with unusual units. A human analyst reviews only the flagged rows.
  • Customer support triage: a retailer routes tickets to billing, technical, or policy queues. The agent plans with vector-backed retrieval, but the action is a first-party write to a queue table. A cost envelope prevents spikes during product launches.
  • Finance variance summaries: the agent plans a sequence of SQL queries over governed tables, explains the top three drivers of variance, and writes a draft summary. A safety rule prevents any write if the underlying data is not signed off for the period.

In each case, the agent is not magical. It is measurable, controlled, and explainable. That is what changes the conversation with security, compliance, and operations.

Where this leaves the stack competition

Enterprises have options. Snowflake has its own angle with Cortex and native app frameworks. Salesforce is converging agents and business objects in its customer cloud. Cloud providers are pairing model catalogs with data services. Open source frameworks like LangChain and LlamaIndex continue to mature.

The Databricks and OpenAI move is specific in its bet: many of the hardest problems are not in the model. They are in the data plane and the control plane. By treating the lakehouse as the operating system for agents, the platform reduces integration tax and makes quality improvements measurable. If your primary risk is governance and audit, a data-native approach is pragmatic. If your primary risk is building net-new digital channels, a cloud-native app platform might suffice. The point is not that one stack is always better. It is that aligning your agent platform with where your data and controls already live shortens time to trust.

If you are mapping the ecosystem, compare these ideas to the standard stack for enterprise agents and to how Windows becomes an agent platform for endpoint workflows. The trajectories are converging on governed action, typed tools, and repeatable evaluation.

What to do next

  • Pick one target workflow where data and policy are clear. Avoid multi-team dependency maps.
  • Put evaluation first. Build the gold set and synthetic edge cases before you polish a user interface.
  • Use first-party tools wherever possible. Every external integration is a new failure mode.
  • Budget as code. Treat cost like a reliability objective with alerts and runbooks.
  • Make replay a non-negotiable. You cannot improve what you cannot reproduce.
  • Learn from adjacent playbooks, such as Claude Skills modular enterprise workforce, to keep capabilities decoupled and testable.

The takeaway

The industry spent two years proving that large models can chat. The next two years will be about proving that agents can work. The Databricks and OpenAI partnership, with Agent Bricks at the center, treats agents as systems, not stunts. When evaluation, governance, and first-party tools live in the same place as your data, you get more than a clever assistant. You get a dependable teammate that leaves fingerprints, not mysteries. The shift is quiet but profound: agents move from conversation to accountability. That is how you earn trust, and that is how you scale.

Other articles you might like

Claude Skills Turn Prompts Into a Modular Enterprise Workforce

Claude Skills Turn Prompts Into a Modular Enterprise Workforce

Anthropic’s Claude Skills shift AI from chatty prompts to governed, pluggable capabilities. With contracts, policies, and observability, teams assemble a modular workforce of task‑specific assistants that can scale with control.

AI Agents
·Read more
Windows becomes an agent platform with Copilot Actions and Vision

Windows becomes an agent platform with Copilot Actions and Vision

Microsoft is turning Windows into a true agent platform. Copilot Actions completes tasks and Copilot Vision coaches clicks on the apps you share. Learn what shipped and how ISVs and IT can move first.

AI Agents
·Read more
Salesforce flips the switch: Agentforce 360 turns CRM into agents

Salesforce flips the switch: Agentforce 360 turns CRM into agents

At Dreamforce 2025, Salesforce launched Agentforce 360 and reframed CRM as a governed agent platform. See what is live now, how it shifts build versus buy, and a 30 day plan to launch an ROI positive agent on Salesforce data.

AI Agents
·Read more
Chat Becomes Checkout: Walmart and OpenAI Start Instant Checkout

Chat Becomes Checkout: Walmart and OpenAI Start Instant Checkout

On October 14, 2025, Walmart said shoppers will soon buy directly inside ChatGPT using Instant Checkout. This is the clearest signal that agentic commerce is going mainstream. Here is what changes and how to prepare.

AI Agents
·Read more
Notion 3.0 makes agents the new primitive for work

Notion 3.0 makes agents the new primitive for work

Notion 3.0 moves beyond chat and makes native AI agents part of the workspace. Here is what shipped, why it matters, and how to pilot agents with strong guardrails, smarter connectors, and real impact on team flow.

AI Agents
·Read more
Oracle’s Fusion Agents Begin Running the Enterprise Back Office

Oracle’s Fusion Agents Begin Running the Enterprise Back Office

At Oracle AI World on October 15, Oracle embedded AI agents across Fusion Cloud apps for finance, planning, supply chain, and CX. The shift moves enterprise AI from chat to execution inside the system of record with human control.

AI Agents
·Read more
Zoomtopia 2025: AI Companion 3.0 makes meetings agent hubs

Zoomtopia 2025: AI Companion 3.0 makes meetings agent hubs

At Zoomtopia 2025, Zoom moved AI Companion 3.0 from a chat sidebar to an in-meeting operator. Learn how voice becomes the control plane, agents execute across apps, and leaders can pilot real workflows now.

AI Agents
·Read more
AgentKit is live: the standard stack for enterprise agents

AgentKit is live: the standard stack for enterprise agents

OpenAI’s AgentKit sets a new baseline for building and running enterprise agents with a visual builder, embeddable chat, rigorous evals, and a governed connector registry. Here is why this launch matters and how to ship in 60 days.

AI Agents
·Read more
SolarWinds AI Agent leaps AIOps from monitoring to action

SolarWinds AI Agent leaps AIOps from monitoring to action

On October 8, 2025, SolarWinds revealed an AI Agent that shifts AIOps beyond dashboards into agentic workflows. Learn what is live, what is coming, how it cuts MTTR and alert noise, and how to run a 90 day pilot.

AI Agents
·Read more