The Five Ways Agents Fail

👋 Hi, welcome to Signal Lab where the team at Innate Language Processing digs deep into language & behavior, the limits of technologies, and the connection between what people say and do. For venture investors and founders.

AI agents can do a lot,¹ if you let them: ingest reams of data, manage calendar and comms, source companies, process pitch decks, run market research, draft deal memos, perform investor relations. The efficiency they offer is significant, and many investors already can’t imagine life without them.

In mid-2023 James Currier (GP, NFX) said, “Let’s be honest: much of what a typical venture capitalist does — reading, summarizing, and ranking — is what large language models already do extremely well.” It was true when he said it, and even more true now, with agentic advances. A recent academic paper found that agents produce similar quality results at top-of-funnel screening, 537x faster than an associate,² especially when applying a clear investment thesis.

But agents are not all upside.

If you’re using AI agents across your stack, you need to know that agents fail. These are the ways, big and small, that will happen.

The fundamental problem is that bias in LLMs is a feature, not a bug. Agents operate on top of LLMs. LLMs are LLMs, they cannot get rid of bias.³ Neither can agents.

This is why the #1 concern among data-savvy investors is algorithmic bias. It deserves its own post. The whole point of leveraging algorithms is to filter and prioritize based on patterns, but when those patterns are biased, the output is too.

For instance, VCs argue that agents can better uncover first-time founders in underserved areas because the data is not being filtered through referrals and networks. However, overindexed traits have been overindexed in the discourse and decisions of venture capital – this is the training data for LLMs, perpetuating the pattern-matching problem. And indeed, early studies have shown that LLMs exhibit the same cognitive biases as human investors (or, even more severe bias), even when debiasing measures are in place (e.g., prompting to ignore certain data or nudging the LLM to search with priorities like women-led, regional diversity, etc.).

If you thought that we could just train the bias out of the model using synthetic data, you are wrong (—> model collapse). And if you thought we can just untrain the models or pluck out problems and overinfluence, it’s not that simple. Look into the work of nonprofit DAIR for more along these lines. And unless you’re building your own model, you have no control over this.

In the era of widespread adoption of unapproved generative AI tools at work (aka a new branch of longstanding “shadow IT”), most agents are deployed without proper security measures, leaving investors’ infrastructure vulnerable to data leakage. Not coincidentally, regulatory is the area of least concern among data-focused VCs, surveys show. Generally, agents do not handle data privacy, copyright, and security in ways that optimize for protection.

If your agents’ use of APIs involves your sensitive data leaving your environment, it is much harder to assess your security risk. Especially for VCs dealing with companies in regulated industries like fintech and healthcare particularly, this is huge. Self-hosted open source models are the most secure choice because data never leaves a controlled environment, but performance lags behind most foundation models and managing them is no small task. At bare minimum, most investors aren’t even using available methods of securely bridging their data to a LLM.⁴ Making agents secure is a very big task which most VCs approach with a slapdash solution or an opt-out.

LLMs are effectively next-token-predictors. While their output is impressive, they are not “thinking” machines.⁵ Agents, sitting atop the LLM, are also not thinking machines. They are orchestrations, making typical agent mistakes: compounding errors across steps (a bad retrieval in step 2 corrupts everything downstream), not knowing when to stop or escalate, and demonstrating unpredictable behavior when the environment doesn't match what the agent was designed for. Plus, they still fail in basic LLM tasks because they are built on LLMs and inherit their shortcomings.

Agent reliability can fluctuate over time. Hallucinations and AI slop can occur. When an agent is used on the front line, the agent may claim it took an action it never did, it can fabricate details. It’s such a big problem that you can now find patches on github to address investor-agent hallucinations specifically.

This is the layer VCs are relying on to separate the companies worth seeing from those to ignore?

Typical agents are built on off-the-shelf models. Off-the-shelf models aren’t differentiated (i.e., they aren’t going to give you an edge since anyone can use them). Have we considered this could lead to homogenized decision-making?

Or perhaps prompt writing is the new differentiation?

In the words of the AI Realist (also a computational linguist), “I do not argue that a prompt has no impact on the output - on the contrary, it has too much impact. An impact that is inconsistent and difficult to control. It is a useful skill to be able to word your query so that it returns a good answer, but it is equally important to know when to stop tuning that query and to understand that no amount of prompting can ensure consistency.”

“Prompt engineering” is not just a productivity trap, it is already outmoded: AI-generated prompts are proven to outperform expert-human prompts. Humans are optimizing prompts for machines that are better at writing prompts than the human doing the optimizing. “Prompt Engineer” job posts went extinct for a reason.

The rise of solo GPs was fueled by LLM support. Carta’s 2025 year-end data showed over 3200 solo GP funds in the US, up from 1100 in 2020. But agents are much, much more expensive. Token cost is a massive investor opex line item, where spinning up from 4-figure to 6-figure spend within a couple quarters is not unheard of.⁶

The gap between the agentic architectures staged by the biggest VC firms and the smaller (or solo) firms is very wide (Exhibit A). It’s easy to imagine that, just as in hedge funds, the top VC firms will increase their lead by creating operating advantages through developer-led processes that are simply too expensive for smaller funds to emulate.

One Last Failure

The more things change, the more they stay the same: investors have always been obsessed with not missing out on a potential unicorn. That obsession is what drove agentic workflow adoption in the first place in VC. Two sides of the same FOMO coin. But agents — despite their real benefits of scaling insights and reach, speeding and synthesizing data collection, and systematizing deal review — do fail. They fail to recognize unicorns. They fail to return accurate information, sometimes they even falsify it. In VCs’ eagerness to create “bionic firms”, they have pulled the human out of the loop prematurely, embracing time savings won by unnumbered inaccuracies and vulnerabilities left open.

One last way agents fail?

They can’t even comprehend the most critical factor in the investment decision. Founder risk. Agent filters miss it completely.

Person-based risk, despite its inherence in linguistic artifacts, is not interpretable by agents or LLMs. LLMs are notoriously limited in perceiving impression-based, intuition-led factors of human judgment. This is a line of demarcation, and agents cannot cross it.

But you can, with a little help.

See you next month.