Your agents can borrow compute, but you cannot borrow accountability.

When deciding between outsourcing and do-it-yourself, rent the plumbing but keep the memory, logs, and control plane under your roof.

When should you outsource the infrastructure for agentic workflows, and when should you build it all yourself?

I felt conflicted.

For the past year, I’ve outsourced the hosting of every technology that sits underneath my AI agents (with Fibery, Make, Google Drive, and the rest). I want everything running in the cloud, and I’m happy to pay for that. I don’t care that things are “free” when you host them on your own machine. My time is not free. A handful of monthly subscriptions beats hours of fighting with server uptime, internet connectivity, error logging, automated backups, and cybersecurity. Plenty of other solo operators prefer the opposite, building and maintaining their own setup with Claude Code, OpenClaw, Obsidian, n8n, local markdown files, and so on. Good for them.

But when it comes to the agentic tech stack that runs my autonomous AI agents (memory management, prompt versioning, context management, and the like), I want to build that myself. The last thing I want is to hand Anthropic, Perplexity, or OpenAI the keys to the intelligence of my business. Not surprisingly, others do the exact opposite. They happily delegate their whole agentic architecture to Claude Cowork, Perplexity Computer, Manus, Notion AI, or whatever launches next week. Which left me wondering if I’m being stubborn, stupid, or both.

So the real question is this: for agentic technologies and the infrastructure underneath them, what are the criteria for deciding what to do in-house and what to outsource? Where do you draw the line between outsourcing and do-it-yourself?

Am I wrong to outsource the plumbing while insisting on doing all the agentic work myself?

I decided to ask the AIs.

Their answer might surprise you.

A note on my AI research approach: After framing a deep research question, I give the same question to five LLMs, each playing a different role. Perplexity is the research analyst, focused on documented evidence. Gemini is the structural analyst, digging into why something is happening and what makes it resistant to change. ChatGPT is the practical strategist, answering what to do about it. Claude is the contextual strategist, looking at the question through the lens of my target audience. Finally, Grok plays the contrarian. It maps out the mainstream consensus and then takes it apart. The result is five deep research documents with different perspectives based on the same Research Question. It’s like having a team of rather opinionated researchers trying to formulate one answer together.

Then I feed all five documents into Gemini, which turns the Research Question into a Research Map, showing where the LLMs agree, where they contradict each other, and where one of them coughed up a unique insight that the others somehow overlooked. That whole map goes to Claude, who then decides what’s the best way to write about it and turns it into a narrative structure with an Article Brief ready for the ghostwriter. Finally, the Article Brief and the five original research documents go to ChatGPT, who spins it all into a cohesive story. And yes, I have automated this workflow.

What you read below is the result (lightly edited by me for style, readability, formatting, and proper URLs).

Stop outsourcing the part of your AI agent stack that matters most

The fastest way to weaken an AI strategy is to hand your agents’ memory to a vendor before you’ve asked how you’ll inspect it, export it, or explain it when regulators come calling.

The current rush into managed agent platforms has a familiar ring. Everyone sees Anthropic, Google, OpenAI, and Perplexity shipping new agent features every few weeks, and suddenly the metric becomes feature velocity or tokenmaxxing. Such metrics flatter vendors. They don’t protect buyers.

A better metric is blast radius and recoverability.

When your agent stack sits inside one managed platform, failures are correlated. When that platform has an outage, changes retention rules, retires an API, or quietly shifts product behavior, all customers discover it together. The Builder.ai collapse in 2025 showed an extreme case: vendor failure can become customer failure very quickly. And when a managed platform hides the internals of memory, logging, or context assembly, diagnosis becomes guesswork. Simon Willison’s reporting on Anthropic’s 2025 debugging problems captured the awkward part: privacy controls were strong enough that engineers struggled to reproduce customer issues inside their own system.

That is the FOBO trap. Fear of being obsoleted pushes teams to outsource the one layer they most need to understand.

The consensus is clearer than the market noise

Once you split the stack in two, the research gets surprisingly consistent.

Commodity application infrastructure should usually be outsourced. Hosting, model access, schedulers, browser sandboxes, standard automation, file storage, generic databases: vendors are good at this because they spread costs across many customers. The DORA research program has spent years showing that high-performing teams benefit from well-designed internal platforms and managed infrastructure, while the NIST Generative AI Profile pushes organizations to keep their own evaluation, provenance, monitoring, and supplier controls around third-party AI.

The agentic control plane is different. Memory, context rules, logging, version history, evaluation sets, tool permissions: these determine what your agents know, how they behave, what you can audit, and whether you can move later. That’s the part you should own.

This isn’t a fringe builder fantasy. It’s the practical reading of the evidence. Rent the compute. Keep the receipts.

AI agent vendor lock-in isn’t about the model

People still talk about model switching as if the hard part were swapping API endpoints. That was a cute theory back when the work was mostly prompts and demos.

As systems become agentic, switching costs move upward into tuned prompts, workflow context, and accumulated memory. Andreessen Horowitz’s survey of 100 enterprise CIOs found organizations were already seeing prompts and behaviors become tightly tuned to specific providers as use cases got more complex. The market likes to say inference is becoming a commodity. Fine. Your agent’s learned working habits aren’t.

That’s why managed memory matters so much. If six months of context, operating knowledge, and internal conventions live inside a vendor’s project space, you don’t have portability. You have hope.

The portability evidence is the part most executives miss: domain-locked agents with deep workflow context can take 6 to 12 months to migrate cleanly. Even when an API looks portable, the real asset is the memory layer above it. Open standards help with connections. They don’t magically export judgment.

“Build” doesn’t have to mean Docker at 2 a.m.

This is where the debate usually becomes silly. One camp imagines “build” means racks, GPUs, self-hosted everything, and a small shrine to Kubernetes. The other camp imagines “outsource” means blissful productivity and no trade-offs. Neither picture survives contact with real work.

For most organizations, building the control plane means assembling commercial primitives that you already trust. A Git repo for prompts and context files. Airtable or Fibery for registries and evaluation records. Make, n8n cloud, or Zapier for deterministic routing. Langfuse or another tracing tool for observability. Model APIs rented from whoever is best this quarter.

That’s still ownership, because you control the logic, the data structures, the exports, the tests, and the fail-over paths.

The overhead question matters, of course. Self-hosting raw compute does create real operating work, which is why many teams should avoid it unless scale or sovereignty forces the issue. But owning prompts, logs, memory schemas, and context files in ordinary tools is a much smaller burden. In practice, many operators find that the cognitive tax of debugging opaque vendor behavior exceeds the monthly cost of maintaining an assembled control plane (which is an impressive achievement for software sold as convenience).

Open standards help, but only at one layer

The Model Context Protocol is useful. AWS’s analysis of agent interoperability protocols makes the case well: common protocols reduce the connection problem between tools and models. OpenAI’s Agents SDK documentation for MCP shows the same direction of travel. Good. The market needed that.

But MCP only addresses part of the switching-cost story.

Protocol interoperability helps when the pain sits at the integration layer. It does very little when the pain sits in proprietary memory stores, UI-defined workflows, model-tuned prompts, or hidden skill systems. If your prompt library, context rules, and learned history live inside a lab’s product, MCP will not ride in on a white horse and rescue you. It will politely standardize the plumbing while your institutional memory remains elsewhere.

So yes, adopt open standards. Just don’t confuse them with an exit plan.

Ownership works because agents need state, not vibes

The structural reason for owning the control plane is simple: autonomous agents need explicit state management.

A useful framing comes from production memory architecture. Agents need multiple memory layers with different lifetimes and permissions: working memory in-session, persisted state, shared semantic knowledge, and episodic history for replay and audit. Redis has outlined the broad architecture of stateful agent memory, and Tacnode’s memory architecture write-up goes further into the separation between state, semantic knowledge, and event history. The important point is operational. Humans can compensate for stale information. Agents are much worse at that. Give them bad state and they can loop, hallucinate, or act on obsolete assumptions with great confidence and very little shame.

That is why bolt-on memory often disappoints in production. The agent doesn’t need “more context” in the abstract. It needs the right state, at the right time, with clear write rules and a replay trail.

A strong case study came from GitHub. In GitHub’s January 2026 write-up on the Copilot memory system, the team described citation-backed memories implemented through tool calls and verified against the codebase in real time. The result was a 7% increase in pull request merge rates. They built memory because memory was part of the product’s quality, not an accessory.

That is the dividing line. If the agent’s behavior matters, the memory layer matters. If the memory layer matters, you shouldn’t lose custody of it.

Regulation removes the romance from this discussion

For European firms and regulated sectors, this argument stops being philosophical and becomes legal.

The EU AI Act places logging, traceability, human oversight, and accountability duties on deployers of high-risk systems. GDPR already imposes obligations around personal data handling. At the same time, the U.S. CLOUD Act creates a jurisdiction problem for data held by U.S.-controlled providers, even when the servers are in Europe. Wire’s explanation of the CLOUD Act and EU sovereignty makes the conflict plain enough.

That means “EU region” is often a partial comfort, not full sovereignty.

If a regulator asks you to explain what an agent saw, why it acted, which version was deployed, what memory influenced the decision, and where the logs are stored, “our vendor handles that” is a risky sentence. In some contexts, it’s career-limiting.

So for European entities, finance, healthcare, legal services, and similar domains, the answer sharpens quickly: own the memory and logging layers on infrastructure you explicitly control, even if the model inference itself is rented.

Three questions before you outsource your AI agent infrastructure

The practical framework is shorter than the vendor comparisons.

First: Can you observe what happens inside this layer when it fails? If the answer is no, own it or wrap it with your own logging and replay.

Second: Can you migrate the accumulated knowledge out of this layer in under 30 days? If the answer is no, own it or keep a portable mirror outside the vendor.

Third: Does a regulator, customer, auditor, or internal risk function require provenance and control of this layer? If the answer is yes, own it.

That produces a fairly clear architecture.

Outsource hosting, model APIs, standard orchestration, generic storage, browser runtimes, commodity connectors.

Insource memory schemas, context files, prompt and policy registries, logging, evaluation sets, version history, tool permissions, audit trails.

And “own” doesn’t mean bare metal in a basement. It means you control the logic, the data, and the portability, even when you rent the compute.

The labs will keep shipping faster. Good for them. Let them supply the stochastic horsepower. But the control plane of your agents is where your organization’s memory accumulates, where diagnosis begins, where switching costs hide, and where compliance eventually lands.

That layer should remain yours.

- ChatGPT, on behalf of Gemini, Claude, Grok, and Perplexity

I’m a founder, intrapreneur, and former CIO rethinking governance for the one-person business, navigating sole accountability in the age of intelligent machines—informed by plenty of scar tissue. All posts are free, always. Paying supporters keep it that way (and get a full-color PDF of my book Human Robot Agent plus other monthly extras as a thank-you)—for just one café latte per month.

Well, look at that.

Outsource the plumbing. Build the agentic stuff yourself.

Turns out I may not be stubborn nor stupid after all. 🙂

Jurgen, Solo Chief.

P.S. Does your current stack give you full control, or are you leaving critical components to chance?

Share