AI Agents Code So Fast AWS Gave Them a Guard

Amazon used its New York summit on June 21 to put a name to two problems holding AI agents back in real companies: they don't know the business they're working in, and the code they write fast is often wrong. AWS announced two services to patch those gaps — Continuum, a security layer for AI-generated code, and Context, a knowledge graph that gives agents the business background they've been missing.

Continuum watches the code agents produce and runs it through a full loop: it detects vulnerabilities, ranks them by business impact rather than raw count, validates whether each one is actually exploitable inside an isolated environment, and then suggests a specific fix. It can run in a learning mode that waits for human approval, or an enforcement mode that applies fixes on its own. Under the hood it leans on frontier models, including Anthropic's Claude Mythos. For now it's open only to a small set of pilot customers.

Why agents keep getting it wrong

The second service, Context, targets the other half of the problem. An agent that doesn't know your customers, your data, or your internal rules will confidently do the wrong thing. Context builds a knowledge graph from a company's databases, documents, emails and chat messages, works out the relationships between them, and layers in business rules — with access controls so an agent only sees what it's allowed to. It's built on the same foundation as Amazon's Quick assistant and learns over time which sources to trust.

AWS rounded out the announcements with a DevOps Agent that can run a 'release readiness review' and test in production-like environments (in free preview in US East), a native iOS version of its Kiro coding agent, and new connectors for Bedrock AgentCore that plug into S3, SharePoint, Confluence, Google Drive and web search.

Why it matters for you

Strip away the product names and there's an honest admission here: the gap between a demo agent and a trustworthy one is security and context, and the biggest cloud provider is now selling shovels for exactly that gap. That tells you where the pain actually is. The reason your pilot agent looked brilliant and your production agent embarrasses you is rarely the model — it's that the model has no idea what your business is, and nobody's checking its output before it ships.

My read: treat 'the agent wrote it' as the start of a review, not the end of one. The teams that win with agents in 2026 aren't the ones with the cleverest prompts; they're the ones who built a boring layer of checks and permissions around the clever part. AWS just made that layer a product, which is a good reminder to build your own version of it even if you never touch their service.