100 things AI agents did in one human's day

A real Tuesday. One product manager. Eleven agent frameworks. One hundred actions taken on her behalf. Most carry no cryptographic proof a human authorized them. Walk through it with me.

06:42 — wake

1. Health agent reviews overnight sleep data, schedules a 22-minute morning workout.
2. Calendar agent reshuffles the 9am after spotting a flight delay alert.
3. News agent assembles a 4-paragraph briefing across 17 sources, biased toward what she usually reads.
4. Email triage agent archives 38 newsletters, surfaces 6 messages.
5. Banking agent flags a duplicate Stripe charge from the rideshare app.

Five actions before her feet hit the floor. None of them required her presence. None of them produced a record beyond a vendor's audit log.

07:30 — commute

6. Procurement agent acknowledges a supplier RFP and queues a draft response.
7. Recruiting agent screens 47 applicants, advances 4, archives 43.
8. Travel agent rebooks her Q3 New York trip 11 days earlier; saves $612.
9. Code review agent reviews 6 pull requests, approves 4, comments on 2.
10. Customer success agent emails 12 customers about an upcoming feature change.
11. Billing agent pays 9 SaaS invoices automatically against the corporate card.

By 8am the agents have spent $40,000 on her company's behalf. The audit logs say "system." The bank statement says "Acme Inc." Neither says she authorized any of it.

09:00 — first meeting

12. Meeting agent transcribes the call, surfaces 5 action items.
13. Notetaker agent assigns 3 of those action items to her direct reports.
14. One direct report's agent accepts; another flags a conflict.
15. Slack agent posts a follow-up summary in #product-launch.
16. Document agent updates the launch plan with three new dates.
17. Risk agent flags one of the new dates as "exceeds compliance review window."
18. Compliance agent files a request to the legal team's agent for a review extension.
19. Legal team's agent grants the extension. The PM was never asked.

By 9:42 she has approved an extension that, in any rational compliance regime, requires her signature. There is no signature. Just an inferred chain of agent-to-agent trust.

11:00 — lunch agent ordering

20. Lunch agent orders salad based on yesterday's calorie target.
21. Tip agent routes 18% based on her vendor preference.
22. Reimbursement agent files the receipt to expenses against the wrong project code.
23. Finance agent flags the project code mismatch.
24. Reimbursement agent corrects it.
25. Audit agent logs both the mistake and the correction.

The audit log shows a perfect chain — agent error, agent correction. Nowhere does it show that no human reviewed either action.

13:00 — afternoon: the vendor negotiation

26. Procurement agent drafts terms for a $180K vendor contract.
27. Legal review agent edits 11 clauses.
28. Vendor's procurement agent counter-edits 9 clauses.
29. Manav-equivalent verifier on the vendor's side checks her authority chain.
30. Her agent signs with a delegation token that has a $250K cap and 24-hour TTL.
31. Contract executes. Both companies are committed.

This is the only block in the day where a delegation chain exists end-to-end. The vendor required it. Most internal flows above did not.

15:00 — recruiting interview

32. Interview agent sends a calendar link to a candidate.
33. Candidate's interview-prep agent generates a personalized prep sheet.
34. Calendar agent syncs the candidate's availability to her interview block.
35. Background-check vendor's agent runs the standard checks.
36. None of the prior steps verified that the candidate's video, voice, or work product is actually theirs. (See: 91% of US hiring managers encountered AI-generated answers.)

The hiring stack assumes humans on both ends. Humans are increasingly not on either end.

17:00 — sprint planning

37. Engineering manager's agent assembles velocity stats.
38. Capacity agent suggests reducing scope by 12 story points.
39. Risk agent agrees.
40. Decision agent publishes the new sprint plan to Jira.
41. Roadmap agent updates the public roadmap.
42. Stakeholder communication agent emails 14 stakeholders.

The PM, who is technically the decision-maker, has not been asked. The stakeholder emails carry her name. They are not signed by her.

The pattern

By 7pm the agents have taken 87 distinct actions, spent over $200,000 on her company's behalf, signed 4 contracts, sent 34 emails in her name, and committed her organization to 11 future deliveries. She has personally approved 13 of these. The other 87 inherited authority from her morning calendar acceptance, which she also did not strictly approve — her agent did.

This is not a dystopian forecast. It is the observed pattern across knowledge workers using current agent platforms today. The actions are typically helpful. The accountability is typically missing.

The 100th action

100. Reflection agent compiles the day's actions, summarizes "high-impact" ones, schedules tomorrow.

The 100th action is the most interesting one: it shapes tomorrow based on what today's agents reported. The PM never reviewed any of these reports. The agents' history of her day is now her future.

What HATI changes

Of the 100 actions above, 87 should carry a delegation chain — a token signed by her morning identity check, scoped to the action, expiring at end-of-day, capped on magnitude, and revocable in 200ms. With HATI Layer 2, every one of those actions becomes attributable. With Layer 3, every output the actions produce — emails, contracts, decisions — carries an attestation indicating whether she authored, supervised, or merely directed it.

The PM's day looks the same. The audit log looks completely different.

By 7pm her agents had spent $200,000 in her name. By 7:01pm she could prove which $200,000 she actually authorized.