Packet Protector

PP100: Building and Securing AI Agents – A Case Study

Mar 10, 2026
Kyler Middleton, a software engineer and DevOps lead who builds internal AI bots for healthcare, describes designing private Slack/Teams assistants and hosting models on AWS for data privacy. She discusses moving from bots to agentic AI with tool use, auditing and OAuth-backed authorization, cross-system workflows, logging and guardrails, and unexpected benefits like surfacing stale company docs.
ADVICE

Prefer Consumption Billing Over Per Seat Fees

  • Avoid per-seat pricing where possible; pay for token consumption instead to reduce cost for occasional users.
  • Kyler notes that the gen-AI bot mode cost about a penny per query, making internal deployment economically feasible compared to seat licensing.
INSIGHT

Agents Enable Multi Step Cross Platform Work

  • Agentic models enable multi-step reasoning and tool usage across platforms, unlike single-turn generative bots.
  • Kyler's agents query Jira, GitHub, Splunk, Rundeck, launch sub-agents and produce bespoke reports at ~$0.60 per transaction.
ADVICE

Use Per User OAuth For Agent Writes

  • When agents need to write or change systems, require users to authorize via OAuth so actions are performed under the user's identity for auditing.
  • Kyler stores encrypted OAuth tokens in DynamoDB and ties actions to the user's token so logs show the human actor.